Professional Documents
Culture Documents
http://www.4shared.com/rar/4Q2I6_9s/Lab-08-Ethernet_Switch_Configu.html 1) 2) 3) 4) 5) 6) 7) 8) Configure the Topology Configuring security on switch Customizing CLI Connection Switch IP Configuration Switch Interface Configuration Configuring VLAN Configuring Port Security Securing Unused Interfaces
ii.
www.asghars.blogspot.com
iii. iv.
Go to your PC prompt and telnet to SW1. Now you will observe that it requires password authentication. Also consider that moving to enable mode also requires password.
www.asghars.blogspot.com
v.
www.asghars.blogspot.com
On Security Warning window click Continue. On SSH authentication window provide username and password you just configured.
www.asghars.blogspot.com
vi.
Encrypting your passwords. The password and the username commands store the password in clear text in runningconfig file as shown below:
You can encrypt the password using the service password-encryption global configuration command.
www.asghars.blogspot.com
ii.
iii.
iv.
www.asghars.blogspot.com
4. Switch IP Configuration
To allow Telnet, SSH, Simple Network Management Protocol (SNMP) & Cisco Device Manager (CDM) to work properly, the switch needs an IP address. To configure the static IP address, refer to the 1. Configure Cisco 3600 router to use as a switch step VI. Use the following commands to configure switch as a DHCP client.
You can use the show interfaces vlan1 command to check the state and ip address assigned by DHCP.
www.asghars.blogspot.com
6. Configuring VLAN
This and onward configuration in this lab is demonstrated by using the Packet Tracer 5.3. Packet tracer is used due to the fact that this configuration is not supported by the GNS3 switch. Build the same topology in Packet Tracer.
i.
ii.
www.asghars.blogspot.com
iii.
Verify you can ping the switch SW1 from the PC1 desktop.
www.asghars.blogspot.com
www.asghars.blogspot.com
10
Verify, the MAC address is added to the secure MAC address table.
Now try to add second PC2, configure its IP and connect it to fa0/1 in place of PC1.
www.asghars.blogspot.com
11
Check port status again, now you can see that the port status is Secure-Shut Down. Which means it doesnt allow other MAC address to connect.
www.asghars.blogspot.com
12
www.asghars.blogspot.com
13