DONE BY: TAHA MOHI & TAHA ELDAVEBI

IMPORTANT: The lab report to be submitted must include screenshots of all those sections in
which an element is requested to be verified. The answers to the questions asked throughout
this guide should also be included. Use the current guide document to add the screenshots
and answers so that the final report is consistent! Type your answers in blue over this
same document.

• Initial topology

In this hands-on lab, you will learn how to access a Cisco device through a direct local connection to the
console port using a terminal emulation program, called Putty. You will also learn how to configure the
parameters of the PC's serial port for the Putty console connection. After you establish a console
connection to your Cisco device, you can view or modify the device settings.

We will use the following IP addresses on our devices: Note: for the Switch name, change the x for
your group number

Device Interface IP address Subnet mask

Switch_Gx VLAN 1 192.168.1.1 255.255.255.0

PC-A NIC 192.168.1.10 255.255.255.0
PC-B NIC 192.168.1.11 255.255.255.0

• Part 1: Connect Two Computers to the Switch

In order to have two PCs connected on an Ethernet network, the Ethernet ports on the should be
connected to Ethernet ports on the switch using straight-through cables:

Connect one end of the Ethernet cable to the NIC port on PC-A. Connect the other end of the
cable to F0/6 on Switch_Gx. After connecting the PC to the switch, the F0/6 light should turn
amber and then green, indicating that the PC-A was successfully connected.

Connect one end of the second Ethernet cable to the NIC port on PC-B. Connect the other end of
the cable to F0/18 on Switch_Gx. After connecting the PC to the switch, the F0/18 light should
turn amber and then green, indicating that the PC-B was connected successfully.

Visually inspect network connections. After cabling network devices, take a moment to carefully
 check connections to minimize the time required to troubleshoot network connectivity issues later.

• Part 2: Configure IP addressing on PCs and check

connectivity

• Configure static IP address information on computers according to the addressing table at the
beginning of this document.

On the PC-A navigate to the Control Panel. In Category view, under the Network and Internet
heading, click View Network Status and Tasks, > click Change adapter settings.

Note: There are other ways in Windows to navigate to adapter settings.

Right-click the network adapter and select Properties. The Network adapter should be the
Ethernet adapter that is connected (no VMWare on the adapter name!!).

Select Internet Protocol Version 4 (TCP/IPv4), and then click Properties.

Select Use the following IP address. Enter the IP address for PC-A (192.168.1.10) and the
subnet mask (255.255.255.0) as indicated in the IP address table. You can leave the default
gateway blank at this time because there is no router connected to the network. Click OK to
continue. Click Close to exit the Properties window.

Repeat the steps above to enter the IP address information for PC-B.

• Verify the settings on both PCs.

From PC-A, open a command prompt to verify the computer's configuration and connectivity by
using the ipconfig /all command at the command prompt.

C:\Users\Student> ipconfig /all

Has the IP address assigned to the PC been updated correctly? Perform the same check for PC-
B

• Verify the connectivity of the PCs.

The most common tool used to check connectivity between multiple devices is the "ping"
command. This command is usually disabled by default in the Firewalls of the PCs. To check the
status and/or unblock the ping navigate to Control Panel > System and Security > Windows
Firewall > Turn Windows Firewall on or off > Turn off Windows Firewall (not recommended),
which will disable Windows Firewall. If we only want to allow pings, you can follow this tutorial:
 https://www.redeszone.net/tutoriales/seguridad/permitir-firewall-windows-10-ping/

After the firewall is disabled, to test connectivity to PC-B, type ping 192.168.1.11 at the command
line. The ping should succeed. If the ping failed, fix any problems that are present.

C:\Users\Student > ping 192.168.1.11

Pinging 192.168.1.11 with 32 bytes of data:

Reply from 192.168.11: bytes=32 time<1ms TTL=128

Reply from 192.168.11: bytes=32 time<1ms TTL=128

Reply from 192.168.11: bytes=32 time<1ms TTL=128

Reply from 192.168.11: bytes=32 time<1ms TTL=128

Ping statistics for 192.168.1.11:

Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

• Question: Did you need to configure an IP address on the switch for it to work?

• We don't need to set an IP address on the switch for it to work.

• Part 3: Accessing a Cisco Switch via Console Serial Port

Although, as you have just seen, in the case of switches it is not necessary to make any special
configuration, it is common to want to configure switch parameters associated with the name, security,
remote access, and other types of more advanced configurations. To access the switch, in this section
you will connect a PC to a Cisco switch using a console cable. This connection will allow you to access
the command-line interface (CLI) and display the parameters or configure the switch. It is important to
understand that with this type of connection, the PC is not communicating with the switch using the usual
Ethernet interface, but rather it is a local connection that only allows access to the internal
configuration of the switch.
 • Step 1: Connect a Cisco switch and PC using a console cable.

• Power on the switch.

• Connect the console cable to the RJ-45 console port on the switch (on the back). Connect the
other end of the cable to the COM serial port on your PC.

• Step 2: Configure Putty on the PC to establish a console session

with the switch.

• Start Putty
•
• In the 'Session' option, select the 'Serial' connection type. The default parameters for the console
port are 9600 baud, 8 bits of data, no parity, 1 stop bit, and no flow control. Press the 'Open'
button
• You should be able to see information about the switch in the terminal, in which case you are
ready to configure a Cisco switch.

• Part 4: Display and Configure Basic Device Parameters

• Step 1: Display the IOS image version of the switch.

• Once the switch completes the boot process, the following message is displayed. Enter n to
continue.
Open the settings window

Do you want to enter the initial configuration dialog? [yes/no]:

n
Note: If you don't see the above message, contact your instructor to reset your switch to the initial
settings.

• Cisco computers have two main modes, the user EXEC (allows you to view, but not modify
parameters), and the privileged EXEC (which allows you to modify). At each point, typing "?" will
give us information about the commands available in the current mode.
To switch from one mode to another:

• In the user's EXEC mode, display the IOS version for the switch.
 Switch> show version

Question:
What version of the IOS image does the switch currently use? Where is
that image hosted?
The IOS image version is IOS tm C2950 Software (C2950-I6Q4L2-M),
Version 12.1 (22) EA6, RELEASE SOFTWARE (fcl)
It's hosted in "flash:/c2960-i6q412-mz.121-22.EA6.bin"

• Step 2: Set the clock

As you learn more about networking, you'll find that setting the correct time on a Cisco switch can
come in handy when you're troubleshooting. The following steps are used to manually configure the
switch's internal clock.

• Display the current clock settings.

Switch> show clock
* 00:30:05 .261 UTC Mon Mar 1 1993

• The clock settings are changed in privileged EXEC mode. To access privileged EXEC mode, type
enable at the user's EXEC mode input prompt.
Switch> enable
• Configure the clock parameters. The question mark (?) provides help and allows you to determine
the expected input information for setting the current time, date, and year. Press Enter to
complete the clock setup. Set the current time and date and not the one shown in the
example!
• Switch # clock set?
hh:mm:ss Current time

Switch # clock set 15:08:00?

<1-31> Day of the month

MONTH Month of the year

Switch# clock set 15:08:00 Oct 26?

<1993-2035>Year

Switch# clock set 15:08:00 Oct 26 2012

 Switch#

*Oct 26 15:08:00 .000: %SYS-6-CLOCKUPDATE: The system clock has been updated
from 00:31:43 UTC Mon Mar 1 1993 to 15:08:00 UTC Fri Oct 26 2012, configured
from console to console.

• Enter the show clock command to verify that the clock parameters have been updated.
Switch# show clock
15:08:07 .205 UTC Fri Oct 26 2012

• Part 5: Configure and Verify Basic Switch Parameters

Note: On Cisco equipment (both Switches and Routers) to remove a command from the configuration it is
enough to retype the same command, but with a no in front of it. For example, the command hostname
Switch_Gx changes the name of the computer to "Switch_Gx." If we want to remove this name and leave
its default value, we will type the command no hostname Switch_Gx.

• From the EXEC mode, use the configure terminal command to enter the configuration mode.

Switch# configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

Switch(config) #
The input prompt changed to reflect the global configuration mode.

• Configure the switch name according to the routing table.

Use the hostname command to rename the switch to Switch_Gx. Note: Replace the x by your
group number

Switch(config)# hostname Switch_Gx

• Avoid unwanted DNS lookups.

To prevent the switch from attempting to translate incorrectly entered commands as if they were
host names, disable Domain Name System (DNS) lookup.

Switch_Gx (config)# no ip domain-lookup

• Let's put some security in the access to our switch: Enter local passwords. Use console as the
user's EXEC password and admin as the privileged EXEC password.
 To prevent unauthorized access to the switch, passwords must be configured.

SWITCH_GX(config)# enable secret admin

SWITCH_GX(config)# line con 0
SWITCH_GX(config-line)# password console
SWITCH_GX(config-line)# login
SWITCH_GX(config-line)# exit
• Enter a login MOTD banner to warn about unauthorized access.

A login prompt, known as a "message of the day" (MOTD), must be configured to warn anyone
accessing the switch that unauthorized access will not be tolerated.

The banner motd command requires the use of delimiters to identify the content of the message
in the notice. The delimiter character can be any character as long as it does not appear in the
message. For this reason, symbols such as # are often used.

SWITCH_GX (config) # banner motd #

Unauthorized access is prohibited and violators will be
prosecuted to the extent permitted by law. #
SWITCH_GX(config)# exit

• Part 6: Remote Access to the switch

• As we have already seen in the previous section, a switch (layer 2) does not need an IP address
to operate. We have also learnt how to access the switch through the console port. However, if
we want to access it remotely without being directly connected to the console port, we must
configure an IP address and a subnet mask in its virtual interface (SVI: switch virtual
interface). These interfaces (which are not associated with any hardware), allow you to remotely
manage a switch over a network using IP. To do this, configure and enable SVI according to the
Address Table shown at the beginning of this guide.
SWITCH_GX(config)# interface vlan 1
SWITCH_GX(config-if)# ip address 192.168.1.1 255.255.255.0
SWITCH_GX(config-if)# no shutdown
• To test that we have configured the virtual interface correctly and that we have a connection to
the switch, verify that you can ping from the PC to the switch:
C:\Users\Student > ping 192.168.1.1.
 If the pin fails, check the physical connections and VLAN settings

• We also need to provide a password for securing the remote connection. We will use remote as
password to secure the Telnet remote access:
SWITCH_GX(config)# line vty 0 15
SWITCH_GX(config-line)# password remote
SWITCH_GX(config-line)# login

• To prove that we can now access the switch remotely, disconnect the console cable (blue cable),
and from Putty, open a telnet session with your switch to see if you can access its configuration.
What IP address will you have to configure in the "Host Name (or IP address)" field? The IP
address to set is 192.168.1.1
•
• Also we can ping the switch now
•

• Part 7: Verify switch status and configuration files

• Display the current settings.

The show running-config command displays all running settings, one page at a time. Use the
spacebar to move through the pages. The commands configured in the previous steps are
highlighted below.

SWITCH_GX# show running-config

Building configuration...

Current configuration : 1409 bytes

! Last configuration change at 03:49:17 UTC Mon Mar 1 1993

Version 15.0

No Service Pad

Service Timestamps Debug DateTime MSEC

Service Timestamps Log DateTime MSEC

no service password-encryption

hostname SWITCH_GX

boot-start-marker

boot-end-marker

enable secret 4 06YFDUHH61wAE/kLkDq9BGho1QM5EnRtoyr8cHAUg.2

No AAA New-Model

System MTU Routing 1500

No IP domain-lookup

<output omitted>

Vlan interface 1

IP address 192.168.1.1 255.255.255.0

IP HTTP Server

IP HTTP Secure-Server

motd banner ^C

Unauthorized access is prohibited and violators will be prosecuted to the extent

permitted by law. ^C

Line with 0

Cisco Password

login

VTY Line 0 4

login

Line VTY 5 15

login

End
• The previous setting, running-config, shows what is currently running on the switch and is
stored in the computer's RAM (volatile memory that is erased when the computer is shut down).
Thus, if we now started the switch again, it would boot with the previous configuration, which is
stored in a different file called startup-config, and which is stored in non-volatile random access
memory (NVRAM).

If we wanted the switch to boot with the new configuration, we would have to make a copy of our
current configuration to the NVRAM startup config.

IMPORTANT: DO NOT RUN THIS COMMAND!!! The command to make the

copy would be
SWITCH_GX# copy running-config startup-config
Destination filename [startup-config]? [Enter]
Building configuration...

[OK]

SWITCH_GX#

• Verify the status of the connected interfaces on the switch.

To check the status of connected interfaces, use the show ip interface brief command. Press
the spacebar to advance to the end of the list.

Why are some FastEthernet ports on the switch active and others down? Which ones are active?
The active FastEthernet interfaces that are active are the ones connected to host devices PCA
and PCB

• Verify that you can ping the switch from both PCs. The pings should be correct.

• Verify that you can also ping the PCs from the switch. The pings should be correct.

•
•

• Using the IoS help feature (you can press ? whenever you need help on what commands are
available!) , try to find the command to show the mac table of the switch. What is on the MAC
table now? Include this information and its explanation on the lab report The MAC address table
shows the MAC addresses of the host devices connected to each port: Fa0/2 and FA00/8, the
switch learns this information thanks to the pings sent between these devices, allowing it to
register their MAC addresses in the table.