with the erase and reload instructions. Perform those steps on all

with the erase and reload instructions. Perform those steps on all
LAB Switching
Configure a switch with a name and an IP address.
Configure passwords to ensure that access to the CLI is secured.
Configure switch port speed and duplex properties for an interface.
Save the active configuration.
View the switch browser interface.
Manage the switch MAC table
Create a static address entry in the switch MAC table.
Remove the created static MAC address entry.
Configure port security on individual FastEthernet ports
Move a PC from one switch port to another and add a new PC to the switch.
Cable a network similar to the one in the diagram.
Note: Start with the erase and reload instructions. Perform those steps on all switches
in this lab assignment before continuing.
Erasing and Reloading the Switch
Enter into the privileged EXEC mode by typing enable.
If prompted for a password, enter class (if that does not work, ask the instructor).
2. Remove the VLAN database information file.
Switch#delete flash:vlan.dat
Delete filename [vlan.dat]?[Enter]
Delete flash:vlan.dat? [confirm] [Enter]
If there was no VLAN file, this message is displayed.
%Error deleting flash:vlan.dat (No such file or directory)
3. Remove the switch startup configuration file from NVRAM.
Switch#erase startup-config
The responding line prompt will be:
Erasing the nvram filesystem will remove all files! Continue? [confirm]
Press Enter to confirm.
The response should be:
Erase of nvram: complete
4. Check that VLAN information was deleted. Verify that the VLAN configuration was deleted in Step 2
using the show vlan command. If previous VLAN configuration information (other than the default
management VLAN 1) is still present it will be necessary to power cycle the switch (hardware restart)
instead of issuing the reload command. To power cycle the switch, remove the power cord from the back
of the switch or unplug it. Then plug it back in. If the VLAN information was successfully deleted in Step 2,
go to Step 5 and restart the switch using the reload command.
5. Software restart (using the reload command)
At the privileged EXEC mode enter the command reload.
The responding line prompt will be:
System configuration has been modified. Save? [yes/no]:
b. Type n and then press Enter.
The responding line prompt will be:
Proceed with reload? [confirm] [Enter]
The first line of the response will be:
Reload requested by console.
After the switch has reloaded, the line prompt will be:
Would you like to enter the initial configuration dialog? [yes/no]:
Type n and then press Enter.
The responding line prompt will be:
Press RETURN to get started! [Enter]
Step 1 Enter privileged mode
a. Privileged mode gives access to all the switch commands. Many of the privileged commands
configure operating parameters. Therefore, privileged access should be password-protected to
prevent unauthorized use. The privileged command set includes those commands contained in user
EXEC mode, as well as the configure command through which access to the remaining command
modes is gained.
Step 2 Configure the hosts attached to the switch
Configure the hosts to use the same IP subnet for the address, mask, and default gateway as on the switch
IP address
Subnet mask
Default gateway
Note: PC1 connect to Fa0/1 and PC4 connect to Fa0/4.
Do not connect PC5 to the switch yet.
Step 3 Examine the current switch configuration
a. Examine the following current running configuration file:
Switch#show running-config
b. How many Ethernet or fastEthernet interfaces does the switch have?______________________
What is the range of values shown for the VTY lines?__________________________________
Examine the current contents of NVRAM as follows:
Switch#show startup-config
%% Non-volatile configuration memory is not present
Why does the switch give this response?___________________________________________
Step 4 Assign a name to the switch
a. Enter enable and then the configuration mode. The configuration mode allows the management of the
switch. Enter AL Switch, the name this switch will be referred to in the following:
Switch#configure terminal
Switch(config)#hostname ALSwitch
Notice the prompt changed in the configuration to reflect its new name. Type exit or press Ctrl-Z to go
back into privileged mode.
Step 5 Examine the current running configuration
a. Exam the current configuration that follows to verify that there is no configuration except for the
ALSwitch#show running-config
b. Are there any passwords set on the lines? _______________________________
What does the configuration show as the hostname of this switch? _____________
Step 6 Set the access passwords
Enter config-line mode for the console. Set the password on this line as cisco for login. Configure
the vty lines 5 to 15 with the password cisco as follows:
ALSwitch#configure terminal
Enter the configuration commands, one for each line. End by pressing Ctrl-Z.
ALSwitch(config)#line con 0
ALSwitch(config-line)#password cisco
ALSwitch(config-line)#line vty 0 15
ALSwitch(config-line)#password cisco
Step 7 Set the command mode passwords
Set the enable password to cisco and the enable secret password to class as follows:
ALSwitch(config)#enable password cisco
ALSwitch(config)#enable secret class
Step 8 Configure the layer 3 access to the switch
a. Set the IP address of the switch to with a subnet mask of as follows:
Note: This is done on the internal virtual interface VLAN 1.
ALSwitch(config)#interface VLAN 1
ALSwitch(config-if)#ip address
b. Set the default gateway for the switch and the default management VLAN to as
ALSwitch(config)#ip default-gateway
Step 9 Verify the management LANs settings
a. Verify the interface settings on VLAN 1 as follows:
ALSwitch#show interface VLAN 1
b. What is the bandwidth on this interface? ______________________________
c. What are the VLAN states: VLAN1 is __________, Line protocol is __________
d. Enable the virtual interface using the no shutdown command
ALSwitch(config)#interface VLAN 1
ALSwitch(config-if)#no shutdown
e. What is the queuing strategy? ______________________________________
Step 10 Save the configuration
a. The basic configuration of the switch has just been completed. Back up the running
configuration file to NVRAM as follows:
Note: This will ensure that the changes made will not be lost if the system is rebooted or loses
ALSwitch#copy running-config startup-config
Destination filename [startup-config]?[Enter]
Building configuration...
c.Configuration upload is successfully completed.
Step 11 Examine the startup configuration file
a. To see the configuration that is stored in NVRAM, type show startup-config from
the privileged EXEC (enable mode)
ALSwitch#show startup-config
b. What is displayed?___________________________________________________
c.Are all the changes that were entered recorded in the file? ______________________
Step 12 Record the MAC addresses of the host
a. Determine and record the layer 2 addresses of the PC network interface cards. If running Windows 98,
check by using Start > Run > winipcfg, then click on More info.
If running Windows 2000, check by using Start > Run > cmd > ipconfig /all.
PC1: _____________________________________________________________
PC4: _____________________________________________________________
Step 13 Determine the MAC addresses that the switch has learned
a.To determine the what MAC addresses the switch has learned use the show mac-address-table
command as follows at the privileged EXEC mode prompt:
ALSwitch#show mac-address-table
b. How many dynamic addresses are there? __________________________________
c. How many total MAC addresses are there? _________________________________
Step 14 Determine the show MAC table options
a. To determine the options the show mac-address-table command has use the ? option as
ALSwitch#show mac-address-table ?
How many options are available for the show mac-address-table command? ______
Show only the mac-address-tables that were learned dynamically.
How many are there? ___________________________________________________
Step 15 Clear the MAC address table
To remove the existing MAC addresses use the clear mac-address-table command from the
privileged EXEC mode prompt as follows:
ALSwitch#clear mac-address-table dynamic
Step 16 Verify the results
a. Verify that the mac-address-table was cleared as follows:
ALSwitch#show mac-address-table
b. How many total MAC addresses are there now? ______________________________
Step 17 Determine the clear MAC table options
a. To determine the options available use the command clear mac-address-table ? at the
privileged EXEC mode prompt as follows:
ALSwitch#clear mac-address-table ?
b. How many options are there? ___________________________________________
c.In what circumstances would these options be used? __________________________
Step 18 Examine the MAC table again
a. Look at the MAC address table again using the show mac-address-table command at the
privileged EXEC mode prompt as follows:
ALSwitch#show mac-address-table
How many dynamic addresses are there? ___________________________________
Why did this change from the last display? ___________________________________
If the table has not changed yet, ping the switch IP address from the hosts two times each.
Step 19 Setup a static MAC address
Setup a static MAC address on Fast Ethernet interface 0/4 as follows:
Note: Use the address that was recorded for PC4 in step 4. The MAC address 00e0.2917.1884 is
used in the example statement only.
ALSwitch(config)#mac-address-table static 00e0.2917.1884 vlan 1 interface
fastethernet 0/4
Step 20 Verify the results
a. Enter the following to verify the mac–address table entries.
ALSwitch#show mac-address-table
b. How many total MAC addresses are there now? ______________________________
c.How many static addresses are there? _____________________________________
d. Under what circumstances can other static or dynamic learning of addresses occur on switchport 4?
Step 21 Remove the static MAC entry
The static mac-address-table entry may need to be reversed. To do this, enter the
configuration mode and reverse the command by putting a no in front of the entire old command
string as follows:
Note: The MAC address 00e0.2917.1884 is used in the example statement only,
use the MAC address that was recorded for the host on port 0/4.
ALSwitch(config)#no mac-address-table static 00e0.2917.1884 vlan 1
Interface fastEthernet 0/4
Step 22 Verify the results
Enter the following to verify that the static MAC address was cleared:
ALSwitch#show mac-address-table static
How many total static MAC addresses are there now?_________________________
Step 23 List port security options
a. Determine the options for setting port security on interface FastEthernet 0/4. Type port
security ? from the interface configuration prompt for FastEthernet port 0/4 as follows:
ALSwitch(config)#interface fastethernet 0/4
ALSwitch(config-if)#switchport port-security ?
Port-security aging commands
Secure mac address
Max secure address
Security violation mode
b. To allow the switchport FastEthernet 0/4 to accept only one device enter port security as follows:
ALSwitch(config-if)#switchport mode access
ALSwitch(config-if)#switchport port-security
ALSwitch(config-if)#switchport port-security mac-address sticky
Step 24 Verify the results
Enter the following to verify the mac –address table entries:
ALSwitch#show mac-address-table
How are the address types listed for the two MAC addresses? ___________________
Show port security settings
ALSwitch#show port-security
Step 25 Show the running configuration file
Are there statements that directly reflect the security implementation in the listing of the
running configuration?________________________________________________
What do those statements mean?________________________________________
Step 26 Limit the number of hosts per port and configure the port to shut down if there is
a security violation
a. On interface FastEthernet 0/4 set the port security maximum MAC count to 1 as follows:
ALSwitch(config)#interface fastethernet 0/4
ALSwitch(config-if)#switchport port-security maximum 1
b. It has been decided that in the event of a security violation the interface should be shut down. Enter
the following to make the port security action to shutdown:
ALSwitch(config-if)#switchport port-security violation shutdown
c. Disconnect the PC4 attached to FastEthernet 0/4. Connect to the port on the PC5 that has been
given the IP address This PC has not yet been attached to the switch. It may be
necessary to ping the switch address to generate some traffic.
Record any observations:______________________________________________
Step 27 Show port 0/4 configuration information
To see the configuration information for just FastEthernet port 0/4, type show interface
fastethernet 0/4, as follows, at the privileged exec mode prompt:
ALSwitch#show interface fastethernet 0/4
What is the state of this interface? FastEthernet0/4 is ___________________, line protocol is
Step 28 Reactivate the port
a. If a security violation occurs and the port is shut down, use the no shutdown command to reactivate it.
b. Try reactivating this port a few times by switching between the original port 0/4 host and the new one.
Plug in the original host PC4, type the no shutdown command on the interface and ping using the DOS
window. The ping will have to be repeated multiple times or use the ping –n 200
command. This will set the number of ping packets to 200 instead of 4. Then switch hosts and try again.
Can all PCs still successfully ping each other? ______________
If not troubleshoot the switch and PCs.
Step 34 Erase and exit the switch
Erase the switch according to the instructions. Then remove and store the cables and adapter.
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF