The switch is at the heart of the network. It links all of the other equipment together and it can help you to gather important information about your network traffic.
Whether you are installing a brand new switch or reorganizing your network, you need to connect your devices to ports on the switch and then turn your attention to setting the configuration of the switch. This allows the switch to recognize all of the new devices connected to it.
Task 1: Wipe the switch
Your first action is to clear any existing configuration. You can do this by resetting it back to all of its default settings.
- Enter EXEC mode by entering enable at the switch’s operating system prompt. If prompted for a password, use class. The prompt character will change from „>“ to „#.“
- Type in delete flash:vlan.dat and press ENTER. You will be asked twice to confirm the deletion. Press ENTER each time. If the vlan.dat file doesn’t exist you will see an error message.
- Type in erase startup-config and press ENTER. Again, the system will ask you twice to confirm the deletion. Press ENTER each time.
- Type show vlan and press ENTER. The readout should only show the default VLAN 1. If previous VLANs are shown, restart the switch by unplugging the power socket and then plugging it in again. If all previous VLANs have been removed, you don’t need to do a hardware reset. Enter reload and press ENTER. This is a software restart. You will be prompted to save changes. Enter n and press ENTER. You will be asked to confirm this instruction. Press ENTER.
- On reloading, the prompt will display the message „Would you like to enter the initial configuration dialog? [yes/no]:“ Type n and press ENTER. You will see the message „Press RETURN to get started!“ Press ENTER to finish the reset process.
Task 2: Check the default configuration
Make sure that your work removing the old configuration was successful.
- Enter EXEC mode by entering enable at the switch’s operating system prompt and press ENTER.
- Query the configuration by typing show running-config and pressing ENTER. The report of this command will show you how many Fast Ethernet and Gigabit Ethernet interfaces are available.
- Check that startup procedures have been removed. Enter show startup-config and press ENTER. The report should be „startup-config is not present.“
- Look at the default VLAN settings by typing show interface vlan1 and pressing ENTER. You will be able to see whether any addresses are logged for the switch.
- Take a deeper look at the IP address with the command show ip interface vlan1.
- Check out the base operating system information with the command show version. The report should show you the system image file name and the base MAC address as well as the version of the operating system.
The image file is important because this will enable you to back up the configuration of your switch and monitor for any unauthorized changes to the setup of the switch. Taking a copy of the file also enables you to roll back any accidental or malicious changes to the configuration and it will also enable you to update all of your switches from one single approved configuration. You can get more information on tools that will organize these image files for you in 10 best network config tools and software.
Task 3: Create a basic configuration setup
The startup-config and running-config were wiped out when you cleared the existing configuration. You can create these files again so that they are ready for your new configuration. Start by giving the switch a name. In this example, the switch will be called „S1.“ You need to still be in the EXEC mode to carry out this task.
- Type in configure terminal and press ENTER. Write hostname S1, press ENTER and then type exit. Instead of typing exit, you can also just press CTRL-Z.
- Save this change in non-volatile RAM (NVRAM) with copy running-config startup-config. At the following prompt, press ENTER to save the file.
- Check the contents of the startup file with the command show startup-config.
Task 4: Set up switch passwords
Set up your configuration in stages. Make sure that the basic configuration details are correct before moving to advanced settings. In this task, you will set passwords for the switch and set up its address. In this example, all passwords will be set to „system.“
- Enter configure terminal to get into the configuration line mode.
- Enter line console 0, press ENTER, type password system, press ENTER, enter login, and press ENTER.
- Before leaving configuration line mode, set up the passwords for vty lines 0 to 15. Enter line vty 0 15, press ENTER, type in password system, press ENTER, type login, and then press ENTER.
- Set up the command mode password by entering enable secret system. This password is for the EXEC mode and the password „class“ is often used for this. However, using a non-standard password, such as „system“ improves security.
- Press CTRL-Z to exit configuration line mode.
Task 5: Set up switch addresses
The switch currently has one VLAN set up, which is the default VLAN 1. It is better to create a new VLAN and make it the connection over which you will manage the switch remotely. This new VLAN will be called VLAN 99 and you need to give the switch an address so that your network management console can contact it over the network. In this example, the switch is given the address 172.17.99.09. Use the subnet mask 255.255.255.255.
- Go into configure line mode by entering configure terminal.
- Type vlan 99 and press ENTER. On the next line, type exit. This will create VLAN 99.
- Type interface vlan 99 and press ENTER. Type IP address 172.17.99.09 255.255.255.255 and press ENTER. Type no shutdown, press ENTER and type exit on the next line.
If you haven’t sorted out the address space for your network yet, you should check out The Ultimate Guide to Subnetting for tips on how to organize addresses.
Task 6: Assign all user ports to the admin VLAN
The VLAN 99 interface will report as being offline because it has no ports assigned to it. Add all the user switch ports to the new VLAN.
- Enter configure terminal to get into configure line mode.
- Type interface range fa0/1 – 24 and press ENTER. Type switchport access vlan 99 and press ENTER.
- Type exit on the next line to get out of configure line mode. You will see the messages „Line protocol on Interface Vlan1, changed state to down“ and „Line protocol on Interface Vlan99, changed state to up“.
- Check on the status of the new VLAN with the command show interface vlan 99.
Task 7: Assign a default gateway to the switch
The switch will need to partner with a router – the switch deals with the Network Layer and uses MAC addresses and the router uses IP addresses and the Internet Layer. In order to get traffic moving around your network identified by IP address, you should have a router on it. You need to tell the switch the address of the router that it will be working with. This is termed its „default gateway.“ In this example, the router’s IP address is 172.17.99.1, but you should substitute the address of your router.
- Enter configure terminal to get into configure line mode.
- Type IP default-gateway 172.17.99.1 and press ENTER.
- Enter exit on the next line to exit configure line mode.
Task 8: Assign IP addresses to each device connected to the switch
This is a task that you will perform away from the switch. You will either assign the addresses manually on each device or manage the addresses from a central DHCP server. In each case, you should set the device’s default gateway to the IP address of the switch and not the router. You can now access the switch from your connected management console PC. Ping the address of the switch from your console to check that communications are flowing correctly.
At this point, you have the switch set up and working and all of the devices connected to it able to communicate to it and through it. You can now proceed to the advanced settings.
Task 9: Save basic switch configuration
You have already seen how to back up the configuration of the switch in the switch wiping section above. Once you have the basic configuration tasks completed, store the status of the switch with the command copy running-config startup-config. Use the show startup-config command to check that the configuration has been saved.
Task 10: Set up the MAC address table
The Cisco switch should discover the addresses of all of the devices connected to it. As the switch is a Layer 2 device, it communicates by MAC addresses. You can record the MAC addresses of the computers that you have connected to the switch by running ipconfig /all at the command line of each computer.
At the switch, issue the command show-mac-address-table to see the addresses that the switch has stored. Check these against the list you gathered by running ipconfig on each computer. If an address is missing, force communication by issuing a ping to the switch from the computer that isn’t listed in the MAC address table. Use the show-mac-address table to check whether the switch has now registered that missing address.
Task 11: Configure the Fast Ethernet interfaces
You can specify the parameters of each interface on your switch. Here is how to define the port speed and duplex type for each. By default, the Ethernet interfaces use autosensing to coordinate speed and duplex type. The option to manually set these parameters should only be used if a port is only able to function at a specific speed and duplex setting.
In this example, the commands will specify the settings for Fast Ethernet 0/12. You need to be in EXEC mode in order to perform this task.
- Enter configure line mode with the configure terminal command.
- Type interface fastethernet 0/12 and press ENTER. This enters a deeper level of command line with all subsequent lines relating to the named interface.
- Type speed 100 and press ENTER.
- Set the duplex condition with duplex full.
- Enter end to get out of the specifications for the named interface.
You will see messages on the screen that show the settings of the interface have been changed. Repeat the above steps for each of the interfaces on your switch.
Check on the new status of the interface with the command, show interface fastethernet 0/12.
Further Cisco switch commands
The show commands that you have seen used throughout this guide are just a few examples of a long list of commands that can be used to query statuses on Cisco switches. You can find out more useful query options in the Cisco Router Show Commands Cheat Sheet.
Managing Cisco switches
Once you have several switches on your network, you will find it too time-consuming to log into each switch and monitor its status. With all of the network management tasks that you need to perform, you will find it essential to install a network monitoring system. You can also use your Cisco switch’s built-in messaging system, called NetFlow, to gather traffic data. Look for a network analyzer tool to make sense of the data that you gather.
Getting a switch operating
Once you have managed to set up one Cisco switch, you will find the task of configuring more switches very easy. You can even replicate a standard configuration from one switch to another just by copying over the image file.
Have you had any experience with configuring Cisco switches? Have you set up switches from other manufacturers? Do you find it easier to set up a Cisco switch than another brand of switch? Leave a message in the Comments section below and share your experience with the community.