Configuracao

1- Entrar no modo privilegiado.

switch>enable

Password:*******

switch#

2- Configurar ou alterar a senha do modo privilegiado.

switch(config)#enable secret ******digite a senha

switch(config)#exit

3- Configurar um nome para o Switch.

switch#configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

switch(config)#hostname NOME

switch(config)#exit

switch# comunicao da porta.

Switch 2950:

switch#config t

Enter configuration commands, one per line. End with CNTL/Z.

switch(config)#interface fastEthernet 0/1

switch(config-if)#speed 100

switch(config-if)#duplex full

5- Configurar o endereo IP/Mscara/Gateway nos Switchs.

switch#configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

switch(config)#interface vlan 1

switch(config-if)#ip address X.X.X.X Y.Y.Y.Y onde X o endereo IP e Y a mscara de rede

switch(config-if)#exit

switch(config)#ip default-gateway X.X.X.X onde X o endereo IP do default-gateway

switch(config)#exit

switch#

6- Criar VLANs nos Switchs.

switch#vlan database

switch(vlan)#vlan 2 name NAME

VLAN 2 modified:

Name: NAME

OU

switch#config t

Enter configuration commands, one per line. End with CNTL/Z.

switch(config)#vlan 2

switch(config-vlan)#name NAME

7- Atribuir portas as VLANs.

Portas 3, 4 e 5 VLAN 2

switch#config t

Enter configuration commands, one per line. End with CNTL/Z.

switch(config)#interface fastEthernet 0/3

switch(config-if)#switchport access vlan 2

switch(config-if)#exit

switch(config)#interface fastEthernet 0/4

switch(config-if)#switchport access vlan 2

switch(config-if)#exit

switch(config)#interface fastEthernet 0/5

switch(config-if)#switchport access vlan 2

switch(config-if)#exit

switch(config)#exit

switch#

switch#show vlan visualizar VLAN

8- Configurar TRUNK.

Switch 2950:

switch#config t

Enter configuration commands, one per line. End with CNTL/Z.

switch(config)#interface fastEthernet 0/1

switch(config-if)#speed 100

switch(config-if)#duplex full

switch(config-if)#switchport mode trunk

switch(config-if)#exit

switch(config)#exit

switch#show run

OU

Switch 2900:

switch#config t

Enter configuration commands, one per line. End with CNTL/Z.

switch(config)#interface fastEthernet 0/1

switch(config-if)#speed 100

switch(config-if)#duplex full

switch(config-if)#switchport mode trunk

switch(config-if)#switchport trunk encapsulation dot1q

switch(config-if)#exit

9 - Configurar Espelhamento de portas para coleta de dados.

Exempl Espelhar as portas 1, 2 e 3 para porta 24.

Switch 2950:

switch#config t

Enter configuration commands, one per line. End with CNTL/Z.

switch(config)#monitor session 1 destination interface fastEthernet 0/24

switch(config)#monitor session 1 source interface fastEthernet 0/1

switch(config)#monitor session 1 source interface fastEthernet 0/2

switch(config)#monitor session 1 source interface fastEthernet 0/3

switch(config)#exit

OU

switch#config t

Enter configuration commands, one per line. End with CNTL/Z.

switch(config)# interface fastEthernet 0/24

switch(config-if)#port monitor FastEthernet 0/1

switch(config-if)#port monitor FastEthernet 0/2

switch(config-if)#port monitor FastEthernet 0/3

switch(config-if)#exit

switch(config)#exit

10 - Copiar arquivo de configurao.

switch#config t

Enter configuration commands, one per line. End with CNTL/Z.

Switch(config)#ip ftp username USURIO

Switch(config)#ip ftp password SENHA

Switch(config)#end

Switch#copy nvram: startup-config ftp:

Address or name of remote host []? X.X.X.X onde X o endereo IP do servidor FTP

Destination filename [switch-confg]? cisco/nomedoarquivo

Writing cisco/nomedoarquivo !

1462 bytes copied in 3.368 secs (434 bytes/sec) 11 - Configurar relgio do switch.

switch# clock set 12:06:00 30 may 2005

12 Configurar modo de exibio do log.

switch#config t

Enter configuration commands, one per line. End with CNTL/Z.

Switch(config)# service timestamps log datetime

13 Configurar tamanho do log. switch#config t

Enter configuration commands, one per line. End with CNTL/Z.

Switch(config)# logging buffered 8192 14 Configurar servidor de log.

switch#config t

Enter configuration commands, one per line. End with CNTL/Z.

Switch(config)# logging X.X.X.X onde X o endereo IP do servidor de Logs

15 Criptografar as senhas console e telnet (configure terminal). switch#config t

Enter configuration commands, one per line. End with CNTL/Z.

Switch(config)#service password-encryption 16 Configurar Lista de acesso (MAC).

habilita a criptografia

switch#config t

Enter configuration commands, one per line. End with CNTL/Z.

Switch(config)#mac access-list extended TESTE

Switch(config-ext-macl)#permit host XXXX.XXXX.XXXX host YYYY.YYYY.YYYY endereos MAC

onde X e Y so os

Switch#conf t

Enter configuration commands, one per line. End with CNTL/Z.

Switch(config)#int fas 0/5

Switch(config-if)# mac access-group TESTE in

atribuir lista a interfece

17 Configurar controle de storm de broadcasts

Switch 2950:

switch#config t

Enter configuration commands, one per line. End with CNTL/Z.

switch(config)#interface fastEthernet 0/1

switch(config-if)#storm-control broadcast level N

//N= % da banda a ser limitada//

switch(config-if)# storm-control action shutdown //Caso atinja o limite acima porta ficar em shutdown//

switch(config-if)#exit Switch 2900:

switch#config t

Enter configuration commands, one per line. End with CNTL/Z.

switch(config)#interface fastEthernet 0/1

switch(config-if)# port storm-control broadcast threshold rising X falling Y

//Onde rising X o

limite superior em pacotes/seg e falling Y o limite inferior para a porta retornar ao estado up//

switch(config-if)# port storm-control broadcast action shutdown //Caso atinja o limite acima porta ficar shutdown//

switch(config-if)#exit 18 Desabilitar Trunk automtico no 2950

switch#config t

Enter configuration commands, one per line. End with CNTL/Z.

switch(config)#interface fastEthernet 0/1

switch(config-if)#switchport mode access 19 Recuperar senha do switch

1-

Fazer a conexo com o switch atravs da porta console (9600 bps).

2-

Desconectar o cabo de alimentao do switch.

3-

Pressionar o boto Mode e mant-lo pressionado enquanto reconecta o cabo de alimentao do

switch. Mantenha o boto Mode pressionado dois segundos aps o led da porta 1X apagar.

4-

Aparecero as seguintes mensagens:

The system has been interrupted prior to initializing the flash file system. The following commands will initialize the flash file system, and finish loading the operating system software: flash_init

load_helper

boot

5-

Inicializar o arquivo Flash do sistema:

Switch: flash_init

6-

Carregar arquivos de ajuda:

Switch: load_helper

7-

Visualizar o contedo da memria Flash:

Switch: dir flash:

Note que o arquivo config.text o arquivo de configurao que contm as definies sobre a senha.

8-

Renomear o arquivo de configurao para config.text.old

Switch: rename flash:config.text flash:config.text.old

9-

Bootar o switch

Switch: boot

10- Aps a inicializao do switch, aparecer a seguinte pregunta: Deseja entra no modo de configurao "dilogo"?

Digite no

11- No prompt de comando entre no modo privilegiad

switch> enable

12- Renomear o arquivo de configurao para o seu nome original (config.text)

Switch: rename flash:config.text.old flash:config.text

13- Copiar o arquivo de configurao para a memria:

Agora a senha j pode ser alterada.

14- Entrar no modo de configurao global:

Switch# config terminal

15- Alterar a senha:

Switch(config)# enable secret *********

16- Retornar ao modo privilegiado e gravar as novas configuraes:

Switch(config)# exit

Switch# write

Aps estes procedimentos a nova senha j estar includa no arquivo de configurao inicial.