Escolar Documentos
Profissional Documentos
Cultura Documentos
ICND v2.21-1
Outline
Overview Catalyst Switch Default Configuration Verification Catalyst Switch IP Address and Default Gateway Configuration Duplexing and Speed Duplex Interface Configuration MAC Address Table Management Port Security Configuration Adds, Moves, and Changes for Access Layer Catalyst Switches Catalyst Switch Configuration File Management Summary
2004 Cisco Systems, Inc. All rights reserved. ICND v2.21-2
IP address: 0.0.0.0 CDP: enabled 100BaseT port: autonegotiate duplex mode Spanning tree: enabled Console password: none
ICND v2.21-3
wg_sw_2950#show vlan VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4, Fa0/5, Fa0/6, Fa0/7, Fa0/8, Fa0/9, Fa0/10, Fa0/11, Fa0/12, Fa0/13, Fa0/14, Fa0/15, Fa0/16, Fa0/17, Fa0/18, Fa0/19, Fa0/20, Fa0/21, Fa0/22, Fa0/23, Fa0/24
ICND v2.21-4
ICND v2.21-5
Configures the switch default gateway for the 2950 series switches
ICND v2.21-6
ICND v2.21-7
Duplex Overview
Half Duplex (CSMA/CD) Unidirectional data flow Higher potential for collision Hubs connectivity Full Duplex Point-to-point only Attached to dedicated switched port Requires full-duplex support on both ends Collision-free Collision detect circuit disabled
2004 Cisco Systems, Inc. All rights reserved. ICND v2.21-8
ICND v2.21-9
ICND v2.21-10
ICND v2.21-11
ICND v2.21-12
wg_sw_2950(config)#interface fa0/1 wg_sw_2950(config-if)#switchport mode access wg_sw_2950(config-if)#switchport port-security wg_sw_2950(config-if)#switchport port-security maximum 1 wg_sw_2950(config-if)#switchport port-security mac-address 0008.eeee.eeee wg_sw_2950(config-if)#switchport port-security violation shutdown
ICND v2.21-13
wg_sw_2950#show port-security interface fastethernet 0/5 Port Security : Enabled Port Status : Secure-up Violation Mode : Shutdown Aging Time : 20 mins Aging Type : Absolute SecureStatic Address Aging : Disabled Maximum MAC Addresses : 1 Total MAC Addresses : 1 Configured MAC Addresses : 0 Sticky MAC Addresses : 0 Last Source Address : 0000.0000.0000 Security Violation Count : 0
ICND v2.21-14
ICND v2.21-15
Add the address to a new port. Configure port security on the new switch. Configure the MAC address to the port allocated for the new user. Remove the old port configuration.
ICND v2.21-16
1. Determine the IP address for management purposes. 2. Configure administrative access for the console, auxiliary, and vty interfaces. 3. Configure security for the device. 4. Configure the access switch ports as necessary.
ICND v2.21-17
ICND v2.21-18
Clearing NVRAM
Catalyst 2950 Series
wg_sw_2950#erase nvram: -orwg_sw_2950#erase startup-config
ICND v2.21-19
Summary
A Catalyst switch comes with factory default settings that can be displayed with the show command. The ip address command is used to configure an IP address and subnet mask on a switch. The ip defaultgateway command is used to configure a default gateway. The duplex command is used to configure switch duplex options. MAC address tables include dynamic and static addresses. The switchport port-security mac-address command is used to set static MAC addresses.
2004 Cisco Systems, Inc. All rights reserved. ICND v2.21-20
Summary (Cont.)
The port security feature can be used to restrict input to an interface by limiting and identifying MAC addresses of the stations that are allowed to access the port. As network endpoint topology changes because of added, moved, and changed devices and interfaces, the switch configuration may need to be modified. The copy command can be used to copy a configuration from or to a file server. The erase nvram: command resets the switch configuration to the factory default settings.
ICND v2.21-21