– Correct hostname
– Set the clock / date
– Turn off “ip domain-lookup”
– Set the show history size
– Configure management ip and default gateway
– Set new passwords (Console / Telnet / Enable)
– Saving your configuration(s)
Here is my tutorial on how to perform these actions on a Cisco switch!
First, connect the serial (9-pin) or USB-to-serial adapter cable to configure the Cisco device.
Use PuTTY on Windows or Minicom on Linux/Mac to gain access to the terminal of the device.
Use the following parameters to connect to it:
Bits Per Second | 9600
Data Bits | 8
Parity | None
Stop Bits | 1
Flow Control | None
Power on the switch and wait until booting is completed.
C2960 Boot Loader (C2960-HBOOT-M) Version 12.2(25r)FX, RELEASE SOFTWARE (fc4)
Cisco WS-C2960-24TT (RC32300) processor (revision C0) with 21039K bytes of memory.
2960-24TT starting...
..........(more is listed).........
When you see the message:
Would you like to enter the initial configuration dialog [yes/no] ?
CHOOSE NO!
The configuration dialog shows old protocols and things we mostly don’t use anymore.
Go from user mode to privileged mode, then into global configuration mode, and execute the hostname command:
Switch> en
Switch# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)# hostname Linuxsource-Switch1
Linuxsource-Switch1(config)#
Linuxsource-Switch1(config)#exit
%SYS-5-CONFIG_I: Configured from console by console
Linuxsource-Switch1#
In privileged mode, use the clock set command to set the time/date/year:
Linuxsource-Switch1# clock set 16:00 3 march 2015
Linuxsource-Switch1# show clock
*16:0:1.48 UTC Mon Mar 3 2015
Linuxsource-Switch1#
Linuxsource-Switch1(config)# exit
%SYS-5-CONFIG_I: Configured from console by console
Linuxsource-Switch1#
The no ip domain-lookup command disables the resolution of symbolic names. If you mistype a command, the device will no longer try to translate it into an IP address (a lookup that takes 5 seconds to time out).
Linuxsource-Switch1# test <--- with domain-lookup, it takes time :)
Translating "test"...domain server (255.255.255.255)
% Unknown command or computer name, or unable to find computer address
Linuxsource-Switch1(config)# no ip domain-lookup
Linuxsource-Switch1(config)# test
^
% Invalid input detected at '^' marker.
Linuxsource-Switch1(config)# exit
The terminal history size sets the number of lines that are held in the history buffer for recall (one buffer for EXEC mode commands and one for configuration mode commands).
You can verify with “show terminal” that history is enabled and determine the size for the console line (default is 10):
Linuxsource-Switch1# show terminal
Find the line that contains:
History is enabled, history size is 10.
Linuxsource-Switch1# terminal history size 100
Linuxsource-Switch1# show terminal
The line now contains the following:
History is enabled, history size is 100.
Linuxsource-Switch1(config)# exit
Enter configuration mode (configure terminal):
Linuxsource-Switch1# conf t
Enter configuration commands, one per line. End with CNTL/Z.
Linuxsource-Switch1(config)#
– Enter the interface configuration for VLAN 1 (Default)
Linuxsource-Switch1(config)# interface vlan 1
Linuxsource-Switch1(config-if)#
Linuxsource-Switch1(config-if)# ip address 172.16.0.1 255.255.255.252
Linuxsource-Switch1(config-if)# end
%SYS-5-CONFIG_I: Configured from console by console
Linuxsource-Switch1(config-if)# end
Go from user mode to privileged mode and then global configuration mode. Type the following:
Linuxsource-Switch1> enable
Linuxsource-Switch1# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Linuxsource-Switch1(config)# line console 0
Linuxsource-Switch1(config-line)# password cisco
Linuxsource-Switch1(config-line)# login
Linuxsource-Switch1(config-line)# end
You can also use option 0 and 7:
Linuxsource-Switch1(config-line)# password ?
  0     Specifies an UNENCRYPTED password will follow
  7     Specifies a HIDDEN password will follow
  LINE  The UNENCRYPTED (cleartext) line password
– Option 0 is stored viewable (unencrypted) in your running config!
– Option 7 takes the password in encrypted format, which you can copy and paste onto another router/switch without knowing the real password.
For Telnet and SSH, do the following:
Linuxsource-Switch1# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Linuxsource-Switch1(config-line)# password cisco
Linuxsource-Switch1(config-line)# end
Linuxsource-Switch1#
You don’t have to use the login command here, because it is already defined, without a password!
Set the enable password:
This is the password you have to enter when you are logged into the switch through SSH/Telnet/console and then try to go to privileged mode.
To save the password unencrypted, do:
Linuxsource-Switch1# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Linuxsource-Switch1(config)# enable password cisco
It is better to use encryption, so do:
Linuxsource-Switch1# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Linuxsource-Switch1(config)# enable secret cisco
The enable secret you have chosen is the same as your enable password.
This is not recommended. Re-enter the enable secret.
Linuxsource-Switch1(config)#
Beware of the warning shown above! 🙂 It doesn’t tell you the password hasn’t been set (if the password is the same!).
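An added example (not part of the original tutorial): a small Python check that flags the password storage choices discussed above in a saved configuration, given that type 7 is a reversible encoding rather than a hash while enable secret stores a hash. The sample configuration, the audit_passwords name and the weak-value list are constructed for illustration.

```python
import re

# Constructed running-config excerpt (not captured from a real device).
SAMPLE_CONFIG = """\
hostname Linuxsource-Switch1
enable password cisco
line con 0
 password cisco
 login
line vty 0 4
 password 7 0000CONSTRUCTED0000
 login
"""

# "password" / "enable password", optional type digit, then the stored value
PASSWORD_RE = re.compile(r"^(enable password|password)(?: ([07]))? (\S+)$")
WEAK_VALUES = {"cisco", "admin", "password"}  # assumed small denylist


def audit_passwords(config_text):
    """Return (context, finding) tuples for weak password storage."""
    findings = []
    context = "global"
    lines = config_text.splitlines()
    has_secret = any(ln.startswith("enable secret ") for ln in lines)
    for raw in lines:
        if raw and not raw.startswith(" "):
            # an unindented line opens a line section or is a global command
            context = raw if raw.startswith("line ") else "global"
        m = PASSWORD_RE.match(raw.strip())
        if not m:
            continue
        command, ptype, value = m.groups()
        if ptype == "7":
            findings.append((context, "type 7 is reversible obfuscation, not a hash"))
        else:
            findings.append((context, "cleartext password visible in the config"))
            if value.lower() in WEAK_VALUES:
                findings.append((context, "well-known default password"))
        if command == "enable password" and not has_secret:
            findings.append((context, "enable password without enable secret"))
    return findings


if __name__ == "__main__":
    for where, what in audit_passwords(SAMPLE_CONFIG):
        print(f"{where}: {what}")
```

Run it against the text of a saved configuration file to list every line section that still carries a cleartext or type 7 password.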
In privileged mode, type the following:
Linuxsource-Switch1# copy running-config startup-config
Destination filename [startup-config]? <ENTER>
Building configuration...
[OK]
Linuxsource-Switch1#