CHAPTER 2

BASIC SWITCH AND END

DEVICE
CONFIGURATION
Chapter Objectives
• Explain how to access a Cisco IOS device for configuration purposes.
• Explain how to navigate Cisco IOS to configure network devices.
• Describe the command structure of Cisco IOS software.
• Configure a Cisco IOS device using CLI.
• Use IOS commands to save the running configuration.
• Explain how devices communicate across network media.
• Configure a host device with an IP address.
• Verify connectivity between two end devices.
Operating Systems

• Shell - The user interface that

allows users to request specific
tasks from the computer. These
requests can be made either through
the CLI or GUI interfaces.
• Kernel - Communicates between
the hardware and software of a
computer and manages how
hardware resources are used to meet
software requirements.
• Hardware - The physical part of a
computer including underlying
electronics.
GUI
• A GUI allows the user to interact with the
system using an environment of graphical
icons, menus, and windows.
• A GUI is more user-friendly and requires
less knowledge of the underlying command
structure that controls the system.
• Examples of these are: Windows, macOS,
Linux KDE, Apple iOS and Android.
• GUIs can fail, crash, or simply not operate
as specified. For these reasons, network
devices are typically accessed through a GUI Example
CLI.
Purpose of an OS
PC operating system enables a user to do the CLI-based network operating system
following: enables a network technician to do the
• Use a mouse to make selections and following:
run programs • Use a keyboard to run CLI-based
• Enter text and text-based commands network programs
• View output on a monitor • Use a keyboard to enter text and
text-based commands
• View output on a monitor
Access Methods
• Console – A physical management port
used to access a device in order to
provide maintenance, such as
performing the initial configurations.
• Secure Shell (SSH) – Establishes a
secure remote CLI connection to a
device, through a virtual interface, over
a network. (Note: This is the
recommended method for remotely
connecting to a device.)
• Telnet – Establishes an insecure remote
CLI connection to a device over the
network. (Note: User authentication,
passwords and commands are sent over
the network in plaintext.)
Terminal Emulation Programs
• Terminal emulation programs are used to connect to a network device by either a console port
or by an SSH/Telnet connection.
• There are several terminal emulation programs to chose from such as PuTTY, Tera Term and
SecureCRT.
Primary Command Modes
User EXEC Mode:
 Allows access to only a limited
number of basic monitoring
commands
 Identified by the CLI prompt
that ends with the > symbol

Privileged EXEC Mode:

 Allows access to all commands
and features
 Identified by the CLI prompt
that ends with the # symbol
Configuration Mode and Subconfiguration
Modes
Global Configuration Mode:
• Used to access configuration
options on the device

Line Configuration Mode:

• Used to configure console, SSH,
Telnet or AUX access

Interface Configuration Mode:

• Used to configure a switch port
or router interface
Navigation Between IOS Modes
Privileged EXEC Mode:
• To move from user EXEC mode to
privilege EXEC mode, use the enable
command.

Global Configuration Mode:

• To move in and out of global
configuration mode, use the configure
terminal command. To return to
privilege EXEC mode, use the exit
command.
Line Configuration Mode:
• To move in and out of line
configuration mode, use the line
command followed by the management
line type. To return to global
configuration mode, use the exit
Navigation Between IOS MODES (Contd.)
Subconfiguration Modes:
• To move out of any subconfiguration
mode to get back to global
configuration mode, use the exit
command. To return to privilege
EXEC mode, use the end command
or key combination Ctrl +Z.

• To move directly from one

subconfiguration mode to another,
type in the desired subconfiguration
mode command. In the example, the
command prompt changes from
(config-line)# to (config-if)#.
Basic IOS Command Structure

General Syntax for a Command

• Keyword – This is a specific parameter defined in the operating system (in the figure, ip
protocols).
• Argument - This is not predefined; it is a value or variable defined by the user (in the
figure, 192.168.10.5).
IOS Command Syntax Check
A command might require one or more arguments. To determine the keywords and arguments
required for a command, refer to the command syntax.
• Boldface text indicates commands and keywords that are entered as shown.
• Italic text indicates an argument for which the user provides the value.

Convention Description
Boldface text indicates commands and keywords that you enter literally as
boldface
shown.
italics Italic text indicates arguments for which you supply values.
[x] Square brackets indicate an optional element (keyword or argument).
{x} Braces indicate a required element (keyword or argument).

Braces and vertical lines within square brackets indicate a required choice within
[x {y | z }]
an optional element. Spaces are used to clearly delineate parts of the command.
IOS Command Syntax Check (Contd.)
• The command syntax provides the pattern, or format, that must be used when entering a
command.
• The command is ping and the user-defined argument is the ip-address of the destination
device. For example, ping 10.10.10.5.

• The command is traceroute and the user-defined argument is the ip-address of the destination
device. For example, traceroute 192.168.254.254.

• If a command is complex with multiple arguments, you may see it represented like this:
IOS Help Features
Context-sensitive help enables you to Command syntax check verifies that a
quickly find answers to these questions: valid command was entered by the
• Which commands are available in user.
each command mode? • If the interpreter cannot
• Which commands start with specific understand the command being
characters or group of characters? entered, it will provide feedback
describing what is wrong with the
• Which arguments and keywords are
command.
available to particular commands?
Hot Keys and Shortcuts
• The IOS CLI provides hot keys and shortcuts that make configuring, monitoring, and
troubleshooting easier.
• Commands and keywords can be shortened to the minimum number of characters that identify
a unique selection. For example, the configure command can be shortened
to conf because configure is the only command that begins with conf.
Hot Keys and Shortcuts (Contd.)
• The table below is a brief list of keystrokes to enhance command line editing.

Keystroke Description

Tab Completes a partial command name entry.

Backspace Erases the character to the left of the cursor.

Left Arrow or Ctrl+B Moves the cursor one character to the left.

Right Arrow or Ctrl+F Moves the cursor one character to the right.

Recalls the commands in the history buffer, beginning with the most recent
Up Arrow or Ctrl+P
commands.
Hot Keys and Shortcuts (Contd.)
• When a command output produces more • The table below lists commands that can
text than can be displayed in a terminal be used to exit out of an operation.
window, the IOS will display a “--
More--” prompt. The table below
describes the keystrokes that can be used
when this prompt is displayed.
Keystroke Description Keystroke Description
When in any configuration mode, ends the
Enter Key Displays the next line. Ctrl-C configuration mode and returns to privileged
EXEC mode.
When in any configuration mode, ends the
Space Bar Displays the next screen. Ctrl-Z configuration mode and returns to privileged
EXEC mode.

Ends the display string, returning to All-purpose break sequence used to abort
Any other key Ctrl-Shift-6
privileged EXEC mode. DNS lookups, traceroutes, pings, etc.
Device Names
• The first configuration command on any device should be to give it a unique hostname.
• By default, all devices are assigned a factory default name. For example, a Cisco IOS switch is
"Switch.”
• Guideline for naming devices:
• Start with a letter
• Contain no spaces
• End with a letter or digit
• Use only letters, digits, and dashes
Note: To return the switch to the default
• Be less than 64 characters in length prompt, use the no hostname global config
command.
Password Guidelines
• The use of weak or easily guessed passwords are a security concern.
• All networking devices should limit administrative access by securing privileged EXEC, user
EXEC, and remote Telnet access with passwords. In addition, all passwords should be
encrypted and legal notifications provided.

• Password Guidelines:
 Use passwords that are more than eight
characters in length.
 Use a combination of upper and
lowercase letters, numbers, special
Note: Most of the labs in this course use
characters, and/or numeric sequences.
simple passwords such as cisco or class.
 Avoid using the same password for all These passwords are considered weak and
devices. easily guessable and should be avoided in
 Do not use common words because they production environments.
are easily guessed.
Configure Passwords
Securing user EXEC mode access:
• First enter line console configuration mode
using the line console 0 command in global
configuration mode.
• Next, specify the user EXEC mode password
using the password password command.
• Finally, enable user EXEC access using
the login command.

Securing privileged EXEC mode access:

• First enter global configuration mode.
• Next, use the enable secret password
command.
Configure Passwords (Contd.)
Securing VTY line access:
• First enter line VTY configuration
mode using the line vty 0 15
command in global configuration
mode.
• Next, specify the VTY password
using
the password password command.
• Finally, enable VTY access using
the login command.

• Note: VTY lines enable remote access using Telnet or SSH to the device. Many Cisco
switches support up to 16 VTY lines that are numbered 0 to 15.
Encrypt Passwords
• The startup-config and running-config
files display most passwords in plaintext.
• To encrypt all plaintext passwords, use
the service password-encryption global
config command.

• Use the show running-config command

to verify that the passwords on the device
are now encrypted.
Banner Messages
• A banner message is important to
warn unauthorized personnel from
attempting to access the device.
• To create a banner message of the day
The banner will be displayed on attempts to access the device.
on a network device, use the banner
motd # the message of the
day # global config command.

Note: The “#” in the command syntax is

called the delimiting character. It is
entered before and after the message.
Configuration Files
There are two system files that store the device configuration:
• startup-config - This is the saved configuration file that is stored in NVRAM. It contains
all the commands that will be used by the device upon startup or reboot. Flash does not
lose its contents when the device is powered off.
• running-config - This is stored in Random Access Memory (RAM). It reflects the current
configuration. Modifying a running configuration affects the operation of a Cisco device
immediately. RAM is volatile memory. It loses all of its content when the device is
powered off or restarted.
• To save changes made to the running configuration to the startup configuration file, use
the copy running-config startup-config privileged EXEC mode command.
Alter the Running Configurations
If changes made to the running config do not
have the desired effect and the running-config
has not yet been saved, you can restore the
device to its previous configuration. To do this
you can:
• Remove the changed commands
individually.
• Reload the device using the reload
command in privilege EXEC mode. Note:
This will cause the device to briefly go
offline, leading to network downtime.
If the undesired changes were saved to the
startup-config, it may be necessary to clear all
the configurations using the erase startup-
config command in privilege EXEC mode.
• After erasing the startup-config, reload
the device to clear the running-config file
from RAM.
Capture Configuration to a Text File
Configuration files can also be saved and archived
to a text document.
• Step 1. Open terminal emulation software, such
as PuTTY or Tera Term, that is already
connected to a switch.
• Step 2. Enable logging in to the terminal
software and assign a name and file location to
save the log file. The figure displays that All
session output will be captured to the file
specified (i.e., MySwitchLogs).
IP Addresses
• The use of IP addresses is the primary means of
enabling devices to locate one another and establish
end-to-end communication on the internet.
• The structure of an IPv4 address is called dotted
decimal notation and is represented by four decimal
numbers between 0 and 255.
• An IPv4 subnet mask is a 32-bit value that
differentiates the network portion of the address from
the host portion. Coupled with the IPv4 address, the
subnet mask determines to which subnet the device is
a member.
• The default gateway address is the IP address of the
router that the host will use to access remote networks,
including the internet.
IP Addresses (Contd.)
• IPv6 addresses are 128 bits in length and
written as a string of hexadecimal
values. Every four bits is represented by
a single hexadecimal digit; for a total of
32 hexadecimal values. Groups of four
hexadecimal digits are separated by a
colon “:”.
• IPv6 addresses are not case-sensitive
and can be written in either lowercase or
uppercase.

Note: IP in this course refers to both the

IPv4 and IPv6 protocols. IPv6 is the most
recent version of IP and is replacing the
more common IPv4.
Interfaces and Ports
• Network communications depend on end user
device interfaces, networking device interfaces,
and the cables that connect them.
• Types of network media include twisted-pair
copper cables, fiber-optic cables, coaxial
cables, or wireless.
• Different types of network media have different
features and benefits. Some of the differences
between various types of media include:
 Distance the media can successfully carry
a signal
 Environment in which the media is to be
installed Different Types of Network Media
 Amount of data and the speed at which it
must be transmitted
 Cost of the media and installation
Manual IP Address Configuration for End
Devices
• End devices on the network need an IP address in order to communicate with other devices on
the network.
• IPv4 address information can be entered into end devices manually, or automatically using
Dynamic Host Configuration Protocol (DHCP).
 To manually configure an IPv4 address on a Windows PC, open the Control Panel >
Network Sharing Center > Change adapter settings and choose the adapter. Next right-
click and select Properties to display the Local Area Connection Properties.
 Next, click Properties to open the Internet Protocol Version 4 (TCP/IPv4)
Properties window. Then configure the IPv4 address and subnet mask information, and
default gateway.
Manual IP Address Configuration for End
Devices (Contd.)

Note: IPv6 addressing and configuration

options are similar to IPv4.
Automatic IP Address Configuration for End
Devices
• DHCP enables automatic IPv4 address configuration
for every end device that is DHCP-enabled.
• End devices are typically by default using DHCP for
automatic IPv4 address configuration.

 To configure DHCP on a Windows PC, open

the Control Panel > Network Sharing Center
> Change adapter settings and choose the
adapter. Next right-click and select Properties to
display the Local Area Connection Properties.

 Next, click Properties to open the Internet

Protocol Version 4 (TCP/IPv4)
Properties window, then select Obtain an IP
address automatically and Obtain DNS server
address automatically.
Switch virtual Interface Configuration
To access the switch remotely, an IP address and a subnet mask must be configured on the SVI.
To configure an SVI on a switch:
• Enter the interface vlan 1 command in global configuration mode.
• Next assign an IPv4 address using the ip address ip-address subnet-mask command.
• Finally, enable the virtual interface using the no shutdown command.