CCNA 1 Lab Computer networks Zetech

Introduction to Network — #2 Basic Switch &

End Devices Configuration

Cisco IOS Access

Operating Systems

All end devices and network devices require an operating system (OS).

As shown in the figure, the portion of the OS that interacts directly

with computer hardware is known as the kernel. The portion that
interfaces with applications and the user is known as the shell. The
user can interact with the shell using a command-line
interface (CLI) or a graphical user interface (GUI).

1 Mr Chesir Computer Networks

CCNA 1 Lab Computer networks Zetech

When using a CLI, the user interacts directly with the system in a text-
based environment by entering commands on the keyboard at a
command prompt.
[analyst@secOps ~]$ ls
Desktop Downloads lab.support.files second_drive
[analyst@secOps ~]$

IOS Navigation

Primary Command Modes

As a security feature, the Cisco IOS software separates management

access into the following two command modes:

2 Mr Chesir Computer Networks

CCNA 1 Lab Computer networks Zetech

• User EXEC Mode

This mode has limited capabilities but is useful for basic operations. It
allows only a limited number of basic monitoring commands but does
not allow the execution of any commands that might change the
configuration of the device. The user EXEC mode is identified by the
CLI prompt that ends with the > symbol.

• Privileged EXEC Mode

To execute configuration commands, a network administrator must

access privileged EXEC mode. Higher configuration modes, like global
configuration mode, can only be reached from privileged EXEC mode.
The privileged EXEC mode can be identified by the prompt ending
with the # symbol.

Configuration Mode and Sub configuration Modes

To configure the device, the user must enter global configuration

mode, which is commonly called global config mode.

Global configuration mode is identified by a prompt that

ends (config)# after the device name, such as Switch(config)#.

Global configuration mode is accessed before other specific

configuration modes. From the global config mode, the user can enter
different subconfiguration modes.

3 Mr Chesir Computer Networks

CCNA 1 Lab Computer networks Zetech

Two common sub-configuration modes include:

• Line Configuration Mode — Used to

configure console, SSH, Telnet, or AUX access.

• Interface Configuration Mode — Used to configure

a switch port or router network interface.

Navigate Between IOS Modes

To move in and out of global configuration mode, use the configure

terminal or config t privileged EXEC mode command. To return to
the privileged EXEC mode, enter the exit global config mode
command.

To enter line sub configuration mode, you use the line command
followed by the management line type and number you wish to access.
Use the exit command to exit a sub configuration mode and return to
global configuration mode.
Switch(config)# line console 0
Switch(config-line)# exit
Switch(config)#

To move from any sub configuration mode to the privileged EXEC

mode, enter the end command or enter the key combination Ctrl+Z.
Switch(config-line)# end
Switch#

4 Mr Chesir Computer Networks

CCNA 1 Lab Computer networks Zetech

You can also move directly from one sub configuration mode to
another. Notice how after selecting an interface, the command prompt
changes from (config-line)# to (config-if)#.
Switch(config-line)# interface FastEthernet 0/1
Switch(config-if)#

The Command Structure

Basic IOS Command Structure

A Cisco IOS device supports many commands. Each IOS command has
a specific format, or syntax, and can only be executed in the
appropriate mode.

• Keyword — This is a specific parameter defined in the

operating system (in the figure, ip protocols).

• Argument — This is not predefined; it is a value or

variable defined by the user (in the figure, 192.168.10.5).

5 Mr Chesir Computer Networks

CCNA 1 Lab Computer networks Zetech

IOS Command Syntax Check

To determine the keywords and arguments required for a command,

refer to the command syntax. The syntax provides the pattern, or
format, that must be used when entering a command.

The following examples demonstrate conventions used to document

and use IOS commands:

• ping ip-address — The command is ping and the user-

defined argument is the ip-address of the destination
device. For example, ping 10.10.10.5.

• traceroute ip-address — The command is traceroute and

the user-defined argument is the ip-address of the
destination device. For example, traceroute
192.168.254.254.

If a command is complex with multiple arguments, you may see it

represented like this:
Switch(config-if)# switchport port-security aging { static | time
time | type {absolute | inactivity}}

6 Mr Chesir Computer Networks

CCNA 1 Lab Computer networks Zetech

IOS Help Features

Context-sensitive help enables you to quickly find answers to these

questions:

• Which commands are available in each command mode?

• Which commands start with specific characters or group of

characters?

• Which arguments and keywords are available to particular

commands?

To access context-sensitive help, simply enter a question mark, ?, at the

CLI.

Basic Device Configuration

Device Names

The default name should be changed to something more descriptive.

By choosing names wisely, it is easier to remember, document, and
identify network devices.

An organization must choose a naming convention that makes it easy

and intuitive to identify a specific device. The hostnames used in the
device IOS preserve capitalization and lowercase characters.

7 Mr Chesir Computer Networks

CCNA 1 Lab Computer networks Zetech

When the naming convention has been identified, the next step is to
use the CLI to apply the names to the devices.
Switch# configure terminal
Switch(config)# hostname Sw-Floor-1
Sw-Floor-1(config)#

Password Guidelines

Cisco IOS can be configured to use hierarchical mode

passwords to allow different access privileges to a network
device.

All networking devices should limit administrative access by

securing privileged EXEC, user EXEC, and remote Telnet access with
passwords.

8 Mr Chesir Computer Networks

CCNA 1 Lab Computer networks Zetech

When choosing passwords, use strong passwords that are not easily
guessed. There are some key points to consider when choosing
passwords:

• Use passwords that are more than eight characters in

length.

• Use a combination of upper and lowercase letters,

numbers, special characters, and/or numeric sequences.

• Avoid using the same password for all devices.

• Do not use common words because they are easily guessed.

Encrypt Passwords

The startup-config and running-config files display most passwords in

plaintext. To encrypt all plaintext passwords, use the service password-

encryption global config command as shown in the example.

Sw-Floor-1# configure terminal
Sw-Floor-1(config)# service password-encryption
Sw-Floor-1(config)#

The purpose of this command is to keep unauthorized individuals from

viewing passwords in the configuration file.

Use the show running-config command to verify that passwords are

now encrypted.
Sw-Floor-1(config)# end
Sw-Floor-1# show running-config
!
(Output omitted)
9 Mr Chesir Computer Networks
CCNA 1 Lab Computer networks Zetech

!
line con 0
password 7 094F471A1A0A
login
!
line vty 0 4
password 7 094F471A1A0A
login
line vty 5 15
password 7 094F471A1A0A
login
!
!
end

Save Configurations

Configuration Files

There are two system files that store the device configuration:

• startup-config — This is the saved configuration

file that is stored in NVRAM. It contains all the commands
that will be used by the device upon startup or reboot.
Flash does not lose its contents when the device is powered
off.

• running-config — This is stored in Random Access Memory

(RAM). It reflects the current configuration. Modifying
a running configuration affects the operation of a Cisco
device immediately. RAM is volatile memory. It loses all of
its content when the device is powered off or restarted.

10 Mr Chesir Computer Networks

CCNA 1 Lab Computer networks Zetech

The show running-config privileged EXEC mode command is used

to view the running-config.

To view the startup configuration file, use the show startup-

config privileged EXEC command.

To save changes made to the running configuration to the startup

configuration file, use the copy running-config startup-config or copy

run startprivileged EXEC mode command.

Port and Addresses

IP Addresses

The use of IP addresses is the primary means of enabling devices to

locate one another and establish end-to-end communication on the
internet. Each end device on a network must be configured with an IP
address. Examples of end devices include these:

• Computers (work stations, laptops, file servers, web

servers)

• Network printers

• VoIP phones

• Security cameras

• Smartphones

11 Mr Chesir Computer Networks

CCNA 1 Lab Computer networks Zetech

• Mobile handheld devices (such as wireless barcode

scanners)

The structure of an IPv4 address is called dotted-decimal notation and

is represented by four decimal numbers between 0 and 255. IPv4
addresses are assigned to individual devices connected to a network.

With the IPv4 address, a subnet mask is also necessary. An IPv4 subnet
mask is a 32-bit value that differentiates the network portion of the
address from the host portion. Coupled with the IPv4 address, the
subnet mask determines to which subnet the device is a member.

The example in the figure displays the IPv4 address (192.168.1.10),

subnet mask (255.255.255.0), and default gateway (192.168.1.1)
assigned to a host.

The default gateway address is the IP address of the router that the
host will use to access remote networks, including the internet.

12 Mr Chesir Computer Networks

CCNA 1 Lab Computer networks Zetech

IPv6 addresses are 128 bits in length and written as a string of

hexadecimal values. Every four bits are represented by a single
hexadecimal digit; for a total of 32 hexadecimal values.

Groups of four hexadecimal digits are separated by a colon (:). IPv6

addresses are not case-sensitive and can be written in either
lowercase or uppercase.

13 Mr Chesir Computer Networks

CCNA 1 Lab Computer networks Zetech

Interface and Ports

Network communications depend on end-user device interfaces,

networking device interfaces, and the cables that connect them.

A cable connecting to the interface must be designed to match the

physical standards of the interface. Types of network media include
twisted-pair copper cables, fiber-optic cables, coaxial cables, or
wireless, as shown in the figure.

14 Mr Chesir Computer Networks

CCNA 1 Lab Computer networks Zetech

Different types of network media have different features and benefits.

Not all network media have the same characteristics.

• The distance the media can successfully carry a signal

• The environment in which the media is to be installed

• Amount of data and the speed at which it must be

transmitted

• Cost of the media and installation

15 Mr Chesir Computer Networks

CCNA 1 Lab Computer networks Zetech

Config IP Addressing

Automatic IP Address Configuration for End Devices

In a network, DHCP enables automatic IPv4 address configuration for

every end device that is DHCP-enabled.

To configure DHCP on a Windows PC, you only need to select Obtain

an IP address automatically and Obtain DNS server address
automatically. Your PC will search out a DHCP server and be
assigned the address settings necessary to communicate on the
network.

Note: IPv6 uses DHCPv6 and SLAAC (Stateless Address

Autoconfiguration) for dynamic address allocation.

16 Mr Chesir Computer Networks

CCNA 1 Lab Computer networks Zetech

Switch Virtual Interface Configuration

To access the switch remotely, an IP address and a subnet mask must

be configured on the SVI.

To configure an SVI on a switch, use the interface vlan 1 global

configuration command. Vlan 1 is not an actual physical interface but a
virtual one. Next, assign an IPv4 address using the ip address ip-

address subnet-mask interface configuration command. Finally, enable

the virtual interface using the no shutdown interface configuration
command.

17 Mr Chesir Computer Networks

CCNA 1 Lab Computer networks Zetech

Sw-Floor-1# configure terminal

Sw-Floor-1(config)# interface vlan 1
Sw-Floor-1(config-if)# ip address 192.168.1.20 255.255.255.0
Sw-Floor-1(config-if)# no shutdown
Sw-Floor-1(config-if)# exit
Sw-Floor-1(config)# ip default-gateway 192.168.1.1

******************************************************************

Introduction to Network Basic Router Configuration

10.0 — Introduction

10.0.1 — Why should I take this module?

Routing packets is very similar to a relay. As you know, routing tables

are created and used by routers to forward packets from their local
networks on to other networks. But a router cannot create a routing
table or forward any packets until it has been configured.

10.0.2 — What will I learn in this module?

Module Title: Basic Router Configuration

Module Objective: Implement initial settings on a router and end

devices.

18 Mr Chesir Computer Networks

CCNA 1 Lab Computer networks Zetech

10.1 — Configure Initial Router

10.1.1 — Basic Router Configuration Steps

The following tasks should be completed when configuring initial

settings on a router.

1. Configure the device name.

Router(config)# hostname hostname

2. Secure privileged EXEC mode.

Router(config)# enable secret password

3. Secure user EXEC mode.

Router(config)# line console 0
Router(config-line)# password password
Router(config-line)# login

4. Secure remote Telnet / SSH access.

Router(config-line)# line vty 0 4
Router(config-line)# password password
Router(config-line)# login
Router(config-line)# transport input {ssh | telnet}

5. Secure all passwords in the config file.

Router(config-line)# exit
Router(config)# service password-encryption

6. Provide legal notification.

Router(config)# banner motd delimiter message delimiter

7. Save the configuration.

19 Mr Chesir Computer Networks

CCNA 1 Lab Computer networks Zetech

Router(config)# end
Router# copy running-config startup-config

10.1.2 — Basic Router Configuration Example

In this example, router R1 in the topology diagram will be configured

with initial settings.

To configure the device name for R1, use the following commands.
Router> enable
Router# configure terminal
Enter configuration commands, one per line.
End with CNTL/Z.
Router(config)# hostname R1
R1(config)#

The following commands secure privileged EXEC mode and user

EXEC mode, enable Telnet and SSH remote access, and encrypt all
plaintext (i.e., user EXEC and VTY line) passwords.
R1(config)# enable secret class
R1(config)#
R1(config)# line console 0
R1(config-line)# password cisco
R1(config-line)# login
R1(config-line)# exit
R1(config)#
R1(config)# line vty 0 4
R1(config-line)# password cisco
R1(config-line)# login
R1(config-line)# transport input ssh telnet

20 Mr Chesir Computer Networks

CCNA 1 Lab Computer networks Zetech

R1(config-line)# exit
R1(config)#
R1(config)# service password-encryption
R1(config)#

The legal notification warns users that the device should only be
accessed by permitted users. Legal notification is configured as follows.
R1(config)# banner motd #
Enter TEXT message. End with a new line and the #
***********************************************
WARNING: Unauthorized access is prohibited!
***********************************************
#
R1(config)#

All configured commands would be lost. For this reason, it is important

to save the configuration when changes are implemented. The
following command saves the configuration to NVRAM.
R1# copy running-config startup-config
Destination filename [startup-config]?
Building configuration...
[OK]
R1#

10.2 — Configure Interface

10.2.1 — Configure Router Interface

For example, the Cisco ISR 4321 router is equipped with two Gigabit
Ethernet interfaces:

• GigabitEthernet 0/0/0 (G0/0/0)

• GigabitEthernet 0/0/1 (G0/0/1)

21 Mr Chesir Computer Networks

CCNA 1 Lab Computer networks Zetech

The task to configure a router interface is very similar to a

management SVI on a switch. Specifically, it includes issuing the
following commands:
Router(config)# interface type-and-number
Router(config-if)# description description-text
Router(config-if)# ip address ipv4-address subnet-mask
Router(config-if)# ipv6 address ipv6-address/prefix-length
Router(config-if)# no shutdown

description command is not required to enable an interface, it is good

practice to use it. It can be helpful in troubleshooting on production
networks by providing information about the type of network
connected.

The description-text is limited to 240 characters

no shutdown command activates the interface and is similar to powering

on the interface. The interface must also be connected to another
device, such as a switch or a router, for the physical layer to be active.

10.2.2 — Configure Router Interface Example

To configure the interfaces on R1, use the following commands.

22 Mr Chesir Computer Networks
CCNA 1 Lab Computer networks Zetech

R1> enable
R1# configure terminal
Enter configuration commands, one per line.
End with CNTL/Z.
R1(config)# interface gigabitEthernet 0/0/0
R1(config-if)# description Link to LAN
R1(config-if)# ip address 192.168.10.1 255.255.255.0
R1(config-if)# ipv6 address 2001:db8:acad:10::1/64
R1(config-if)# no shutdown
R1(config-if)# exit
R1(config)#
*Aug 1 01:43:53.435: %LINK-3-UPDOWN: Interface
GigabitEthernet0/0/0, changed state to down
*Aug 1 01:43:56.447: %LINK-3-UPDOWN: Interface
GigabitEthernet0/0/0, changed state to up
*Aug 1 01:43:57.447: %LINEPROTO-5-UPDOWN: Line protocol on
Interface GigabitEthernet0/0/0, changed state to up
R1(config)#
R1(config)#
R1(config)# interface gigabitEthernet 0/0/1
R1(config-if)# description Link to R2
R1(config-if)# ip address 209.165.200.225 255.255.255.252
R1(config-if)# ipv6 address 2001:db8:feed:224::1/64
R1(config-if)# no shutdown
R1(config-if)# exit
R1(config)#
*Aug 1 01:46:29.170: %LINK-3-UPDOWN: Interface
GigabitEthernet0/0/1, changed state to down
*Aug 1 01:46:32.171: %LINK-3-UPDOWN: Interface
GigabitEthernet0/0/1, changed state to up
*Aug 1 01:46:33.171: %LINEPROTO-5-UPDOWN: Line protocol on
Interface GigabitEthernet0/0/1, changed state to up
R1(config)#

10.2.3 — Verify Interface Configuration

There are several commands that can be used to verify interface

configuration. The most useful of these is the show ip interface

brief and show ipv6 interface brief commands, as shown in the

example.

23 Mr Chesir Computer Networks

CCNA 1 Lab Computer networks Zetech

R1# show ip interface brief

Interface IP-Address OK? Method Status
Protocol
GigabitEthernet0/0/0 192.168.10.1 YES manual up
up
GigabitEthernet0/0/1 209.165.200.225 YES manual up
up
Vlan1 unassigned YES unset administratively
down down
R1# show ipv6 interface brief
GigabitEthernet0/0/0 [up/up]
FE80::201:C9FF:FE89:4501
2001:DB8:ACAD:10::1
GigabitEthernet0/0/1 [up/up]
FE80::201:C9FF:FE89:4502
2001:DB8:FEED:224::1
Vlan1 [administratively down/down]
unassigned
R1#

10.2.4 — Configuration Verification Commands

The table summarizes the more popular show commands used to verify
interface configuration.

show ip interface brief

24 Mr Chesir Computer Networks

CCNA 1 Lab Computer networks Zetech

show ipv6 interface brief

show ip route

show ipv6 route

25 Mr Chesir Computer Networks

CCNA 1 Lab Computer networks Zetech

show interfaces

26 Mr Chesir Computer Networks

CCNA 1 Lab Computer networks Zetech

show ip interface

27 Mr Chesir Computer Networks

CCNA 1 Lab Computer networks Zetech

show ipv6 interface

28 Mr Chesir Computer Networks

CCNA 1 Lab Computer networks Zetech

10.3 — Configure The Default Gateway

10.3.1 — Default Gateway on Host

For example, assume an IPv4 network topology consisting of a router

interconnecting two separate LANs. G0/0/0 is connected to network
192.168.10.0, while G0/0/1 is connected to network 192.168.11.0. Each
host device is configured with the appropriate default gateway address.

29 Mr Chesir Computer Networks

CCNA 1 Lab Computer networks Zetech

What if PC1 sent a packet to PC3? PC1 would address the packet with
the IPv4 address of PC3, but would forward the packet to its default
gateway, which is the G0/0/0 interface of R1. The router accepts the
packet and accesses its routing table to determine that G0/0/1 is the
appropriate exit interface based on the destination address. R1 then
forwards the packet out of the appropriate interface to reach PC3.

30 Mr Chesir Computer Networks

CCNA 1 Lab Computer networks Zetech

10.3.2 — Default Gateway on Switch

A switch that interconnects client computers is typically a Layer 2

device. As such, a Layer 2 switch does not require an IP address to
function properly. However, an IP configuration can be configured on
a switch to give an administrator remote access to the switch.

The default gateway address is typically configured on all devices that

will communicate beyond their local network.

31 Mr Chesir Computer Networks

CCNA 1 Lab Computer networks Zetech

To configure an IPv4 default gateway on a switch, use the ip default-

gateway ip-address global configuration command. The ip-address that

is configured is the IPv4 address of the local router interface connected
to the switch.

References:

32 Mr Chesir Computer Networks