switching 2

Upload: kishore-kumar

Post on 12-May-2015

Category:

Education


TRANSCRIPT

2. Console Connectivity
  • Connect a rollover cable to the Switch console port (RJ-45 connector).
  • Connect the other end of the rollover cable to the RJ-45 to DB-9 adapter.
  • Attach the female DB-9 adapter to a PC Serial Port.
  • Open emulation software on the PC.

3. Emulation Software
  WINDOWS
  • Start > Programs > Accessories > Communications > HyperTerminal > HyperTerminal.
  • Give the Connection Name & Select Any Icon
  • Select Serial (Com) Port where Switch is Connected.
  • In Port Settings Click on Restore Defaults
  LINUX
    # minicom -s

4. Console Connectivity
  [diagram: E0, Con 0, LAN - 192.168.1.0/24]

5-11. [slides without transcript text]

12. abc

13-17. [slides without transcript text]

18.
    Catalyst 1900 Management Console
    Copyright (c) Cisco Systems, Inc. 1993-1999.
    All rights reserved.
    Enterprise Edition Software
    Ethernet Address: 00-D0-D3-74-ED-40
    PCA Number: 73-3122-01
    PCA Serial Number: FAB032632C9
    Model Number: WS-C1912-EN
    System Serial Number: FAB0328V07D
    Power Supply S/N: APQ0313014N
    PCB Serial Number: FAB032632C9,73-3122-04
    ------------------------------------------------
    1 user(s) now active on Management Console.

    User Interface Menu

    [M] Menus
    [K] Command Line
    [I] IP Configuration
    [P] Console Password

    Enter Selection: I

19.
    Catalyst 1900 - IP Configuration
    Ethernet Address: 00-D0-D3-74-ED-40
    ---------------------- Settings ----------------------
    [I] IP address                        0.0.0.0
    [S] Subnet mask                       0.0.0.0
    [G] Default gateway                   0.0.0.0
    [V] Management VLAN                   1
    [M] IP address of DNS server 1        0.0.0.0
    [N] IP address of DNS server 2        0.0.0.0
    [D] Domain name
    [R] Use Routing Information Protocol  Enabled
    -------------------- Actions -------------------------
    [P] Ping
    [C] Clear cached DNS entries
    [X] Exit to previous menu

    Enter Selection: I

20.
    [D] Domain name
    [R] Use Routing Information Protocol  Enabled
    -------------------- Actions -------------------------
    [P] Ping
    [C] Clear cached DNS entries
    [X] Exit to previous menu

    Enter Selection: I

    This command assigns an administrative IP address to this switch.
    The new address will take effect immediately. If no IP address is
    assigned (or if the IP address is removed by setting it to 0.0.0.0),
    and the switch is connected to a DHCP server, the DHCP server may
    automatically assign an address to the switch.

    Enter administrative IP address in dotted format (nnn.nnn.nnn.nnn)

    Current setting ===> 0.0.0.0
    New setting ===> 192.168.20.65

21.
    Catalyst 1900 - IP Configuration
    Ethernet Address: 00-D0-D3-74-ED-40
    ---------------------- Settings ---------------------------
    [I] IP address                        192.168.20.65
    [S] Subnet mask                       0.0.0.0
    [G] Default gateway                   0.0.0.0
    [V] Management VLAN                   1
    [M] IP address of DNS server 1        0.0.0.0
    [N] IP address of DNS server 2        0.0.0.0
    [D] Domain name
    [R] Use Routing Information Protocol  Enabled
    -------------------- Actions -----------------------------
    [P] Ping
    [C] Clear cached DNS entries
    [X] Exit to previous menu

    Enter Selection: S

22.
    [M] IP address of DNS server 1        0.0.0.0
    [N] IP address of DNS server 2        0.0.0.0
    [D] Domain name
    [R] Use Routing Information Protocol  Enabled
    -------------------- Actions -------------------------
    [P] Ping
    [C] Clear cached DNS entries
    [X] Exit to previous menu

    Enter Selection: I

    This command defines the subnet mask for the IP address set by the
    [I] IP Address command.

    Enter IP subnet mask in dotted quad format (nnn.nnn.nnn.nnn):

    Current setting ===> 0.0.0.0
    New setting ===> 255.255.255.0

23.
    Catalyst 1900 - IP Configuration
    Ethernet Address: 00-D0-D3-74-ED-40
    ---------------------- Settings ---------------------------
    [I] IP address                        192.168.20.65
    [S] Subnet mask                       255.255.255.0
    [G] Default gateway                   0.0.0.0
    [V] Management VLAN                   1
    [M] IP address of DNS server 1        0.0.0.0
    [N] IP address of DNS server 2        0.0.0.0
    [D] Domain name
    [R] Use Routing Information Protocol  Enabled
    -------------------- Actions -----------------------------
    [P] Ping
    [C] Clear cached DNS entries
    [X] Exit to previous menu

    Enter Selection: X

24.
    Catalyst 1900 Management Console
    Copyright (c) Cisco Systems, Inc. 1993-1999.
    All rights reserved.
    Enterprise Edition Software
    Ethernet Address: 00-D0-D3-74-ED-40
    PCA Number: 73-3122-01
    PCA Serial Number: FAB032632C9
    Model Number: WS-C1912-EN
    System Serial Number: FAB0328V07D
    Power Supply S/N: APQ0313014N
    PCB Serial Number: FAB032632C9,73-3122-04
    ------------------------------------------------
    1 user(s) now active on Management Console.

    User Interface Menu

    [M] Menus
    [K] Command Line
    [I] IP Configuration
    [P] Console Password

    Enter Selection: P

25.
    User Interface Menu

    [M] Menus
    [K] Command Line
    [I] IP Configuration
    [P] Console Password

    Enter Selection: P

    The Management Console password can help prevent unauthorized
    accesses. When specifying a password, use a minimum of 4 characters
    and maximum of 8 characters. The password is case insensitive and can
    contain any character with a legal keyboard representation. For the
    user's protection, the password must be entered the same way twice
    before it will be accepted.

    Enter new password: ****
    Reenter to verify new password: ****
    Password modified
    Press any key to continue.

26.
    Catalyst 1900 Management Console
    Copyright (c) Cisco Systems, Inc. 1993-1999.
    All rights reserved.
    Enterprise Edition Software
    Ethernet Address: 00-D0-D3-74-ED-40
    PCA Number: 73-3122-01
    PCA Serial Number: FAB032632C9
    Model Number: WS-C1912-EN
    System Serial Number: FAB0328V07D
    Power Supply S/N: APQ0313014N
    PCB Serial Number: FAB032632C9,73-3122-04
    ------------------------------------------------
    1 user(s) now active on Management Console.

    User Interface Menu

    [M] Menus
    [K] Command Line

    Enter Selection: M
    Enter password: ****

27.
    Catalyst 1900 - Main Menu

    [C] Console Settings
    [S] System
    [N] Network Management
    [P] Port Configuration
    [A] Port Addressing
    [D] Port Statistics Detail
    [M] Monitoring
    [V] Virtual LAN
    [R] Multicast Registration
    [F] Firmware
    [I] RS-232 Interface
    [U] Usage Summaries
    [H] Help
    [K] Command Line
    [X] Exit Management Console

    Enter Selection: S

28.
    Catalyst 1900 - System Configuration
    System Revision: 5    Address Capacity: 1024
    System UpTime: 0day(s) 00hour(s) 06minute(s) 58second(s)
    ---------------------- Settings ------------------------------
    [N] Name of system                                Switch
    [C] Contact name
    [L] Location
    [S] Switching mode                                FragmentFree
    [U] Use of store-and-forward for multicast        Disabled
    [A] Action upon address violation                 Suspend
    [G] Generate alert on address violation           Enabled
    [I] Address aging time                            300 second(s)
    [P] Network port                                  None
    [H] Half duplex back pressure (10-mbps ports)     Disabled
    [E] Enhanced congestion control (10-mbps ports)   Disabled
    -------------------- Actions --------------------------------
    [R] Reset system
    [F] Reset to factory defaults
    [V] Reset VTP to factory def.
    [T] Reset to enable Bridge Group
    -------------------- Related Menus ---------------------------
    [B] Broadcast storm control
    [X] Exit to Main Menu

    Enter Selection: S

29.
    [H] Half duplex back pressure (10-mbps ports)     Disabled
    [E] Enhanced congestion control (10-mbps ports)   Disabled
    -------------------- Actions -------------------------------
    [R] Reset system
    [F] Reset to factory defaults
    [V] Reset VTP to factory def.
    [T] Reset to enable Bridge Group
    -------------------- Related Menus ---------------------------
    [B] Broadcast storm control
    [X] Exit to Main Menu

    Enter Selection:

    FragmentFree switching mode reduces bridge delay by making the
    forwarding decision after 64 bytes have been received. In contrast,
    Store-and-Forward switching mode waits until the entire frame has
    been received before the forwarding decision is made.

    This command sets the switching mode.

    Select Store-and-Forward[1], or FragmentFree[2]:

    Current setting ===> FragmentFree
    New setting ===> Store-and-Forward

30.
    Catalyst 1900 - System Configuration
    System Revision: 5    Address Capacity: 1024
    System UpTime: 0day(s) 00hour(s) 06minute(s) 58second(s)
    ---------------------- Settings ------------------------------
    [N] Name of system                                Switch
    [C] Contact name
    [L] Location
    [S] Switching mode                                Store & Forward
    [U] Use of store-and-forward for multicast        Disabled
    [A] Action upon address violation                 Suspend
    [G] Generate alert on address violation           Enabled
    [I] Address aging time                            300 second(s)
    [P] Network port                                  None
    [H] Half duplex back pressure (10-mbps ports)     Disabled
    [E] Enhanced congestion control (10-mbps ports)   Disabled
    -------------------- Actions --------------------------------
    [R] Reset system
    [F] Reset to factory defaults
    [V] Reset VTP to factory def.
    [T] Reset to enable Bridge Group
    -------------------- Related Menus ---------------------------
    [B] Broadcast storm control
    [X] Exit to Main Menu

    Enter Selection: X

31.
    Catalyst 1900 - Main Menu

    [C] Console Settings
    [S] System
    [N] Network Management
    [P] Port Configuration
    [A] Port Addressing
    [D] Port Statistics Detail
    [M] Monitoring
    [V] Virtual LAN
    [R] Multicast Registration
    [F] Firmware
    [I] RS-232 Interface
    [U] Usage Summaries
    [H] Help
    [K] Command Line
    [X] Exit Management Console

    Enter Selection: X

32.
    [N] Network Management
    [P] Port Configuration
    [A] Port Addressing
    [D] Port Statistics Detail
    [M] Monitoring
    [V] Virtual LAN
    [R] Multicast Registration
    [F] Firmware
    [I] RS-232 Interface
    [U] Usage Summaries
    [H] Help
    [K] Command Line
    [X] Exit Management Console

    Enter Selection: X

    This command will exit and log you out of the Management Console.

    Exit Management Console, [Y]es or [N]o? Yes

33.
    Catalyst 1900 Management Console
    Copyright (c) Cisco Systems, Inc. 1993-1999.
    All rights reserved.
    Enterprise Edition Software
    Ethernet Address: 00-D0-D3-74-ED-40
    PCA Number: 73-3122-01
    PCA Serial Number: FAB032632C9
    Model Number: WS-C1912-EN
    System Serial Number: FAB0328V07D
    Power Supply S/N: APQ0313014N
    PCB Serial Number: FAB032632C9,73-3122-04
    ------------------------------------------------
    1 user(s) now active on Management Console.

    User Interface Menu

    [M] Menus
    [K] Command Line

    Enter Selection: K

34.
  [callouts: User Mode :: Commands: ping, enable. Privileged Mode :: Commands: show, copy, configure terminal, reload]

    CLI session with the switch is open.
    To end the CLI session, enter [Exit].

    > enable
    # show running-config
    Building configuration...
    Current configuration:
    !
    !
    !
    ip address 192.168.20.65 255.255.255.0
    !
    !
    !
    !
    enable password level 15 "ZOOM"
    !
    !
    --More--

35.
    interface Ethernet 0/1
    !
    interface Ethernet 0/2
    !
    interface Ethernet 0/3
    !
    interface Ethernet 0/4
    !
    interface Ethernet 0/5
    !
    interface Ethernet 0/6
    !
    interface Ethernet 0/7
    !
    --More--

36.
    interface Ethernet 0/8
    !
    interface Ethernet 0/9
    !
    interface Ethernet 0/10
    !
    interface Ethernet 0/11
    !
    interface Ethernet 0/12
    !
    interface Ethernet 0/25
    !
    interface FastEthernet 0/26
    !
    --More--

37.
    !
    interface FastEthernet 0/27
    !
    !
    line console
    end

    # show mac-address-table
    Number of permanent addresses : 0
    Number of restricted static addresses : 0
    Number of dynamic addresses : 20

    Address         Dest Interface       Type     Source Interface
    -----------------------------------------------------------------
    000F.90C2.2A18  FastEthernet 0/27    Dynamic  All
    0000.21CB.8BD2  Ethernet 0/5         Dynamic  All
    0010.7B7F.A0DA  FastEthernet 0/27    Dynamic  All
    00E0.4C60.F295  Ethernet 0/4         Dynamic  All
    0050.736C.20D2  FastEthernet 0/27    Dynamic  All
    0080.AD83.ED24  Ethernet 0/8         Dynamic  All
    0000.2114.76BF  Ethernet 0/2         Dynamic  All
    000B.2B0D.EDE4  Ethernet 0/11        Dynamic  All

38.
  [callout: Global Configuration Mode :: Commands: hostname, ip address, enable secret]

    # configure terminal
    Enter configuration commands, one per line. End with CNTL/Z.
    (config)# hostname Switch1900
    Switch1900(config)# ip address 192.168.20.65 255.255.255.0
    Switch1900(config)# enable secret zoom
    Switch1900(config)# ^Z
    Switch1900#

39. Visual Switch Manager Access
  [diagram: E0, Con 0, LAN - 192.168.1.0/24]

40. [slide without transcript text]

41.
    http://192.168.20.65
    ****

42-47. [slides without transcript text]

48. Virtual LAN
  • A Layer 2 Security
  • Divides a Single Broadcast domain into Multiple Broadcast domains.
  • By default all ports of the switch are in VLAN1. This VLAN1 is known as Administrative VLAN or Management VLAN
  • VLAN can be created from 2 - 1001
  • Can be Configured on a Manageable switch only
  • 2 Types of VLAN Membership
      - Static VLAN
      - Dynamic VLAN

49. Static VLAN
  • Static VLANs are based on port numbers
  • Need to manually assign a port on a switch to a VLAN
  • Also called Port-Based VLANs
  • It can be a member of a single VLAN and not multiple VLANs

50. Dynamic VLAN
  • Dynamic VLANs are based on the MAC address of a PC
  • Switch automatically assigns the port to a VLAN
  • Each port can be a member of multiple VLANs
  • For Dynamic VLAN configuration, a software called VMPS (VLAN Membership Policy Server) is needed

51. Important Notes
  • The PC port from which you Telnet to the switch must be in a Default VLAN
  • If all the ports are in different VLANs, can you Telnet to the switch? Answer: NO
  • So to remove the VLANs, enter through the console port

52. VLAN - Lab Diagram
  [diagram: SWITCH with hosts 192.168.20.1, 192.168.20.2, 192.168.20.3, 192.168.20.4, 192.168.20.5, 192.168.20.6, 192.168.20.7, 192.168.20.8, 192.168.20.9; Default VLAN i.e. VLAN No. 1]

53. VLAN - Lab Diagram
  [diagram: SWITCH; 192.168.20.1 (Sales Vlan no. 5), 192.168.20.2 (Sales Vlan no. 5), 192.168.20.3]

54. VLAN - Configuration
  [diagram: SWITCH; 192.168.20.1 (Sales Vlan no. 5), 192.168.20.2 (Sales Vlan no. 5), 192.168.20.3]

55. VLAN - Lab Diagram
  [diagram: SWITCH; 192.168.20.1 (Sales Vlan no. 5), 192.168.20.2 (Sales Vlan no. 5), 192.168.20.3]

56. Trunking Configuration
  [diagram: SWITCH with 192.168.20.1 (Sales Vlan no. 5), 192.168.20.2 (Marketing Vlan no. 6), 192.168.20.3; SWITCH with 192.168.20.6 (Sales Vlan no. 5), 192.168.20.5 (Marketing Vlan no. 6), 192.168.20.4; ports Fa0/26, Fa0/27]

57. Virtual LAN Trunking Protocol
  • VTP is a CISCO proprietary protocol used to share the VLAN configurations with multiple switches.
  • Switches are connected using Fast Ethernet ports

58. VTP Modes
  VTP modes are of three types:
  • Server Mode
      - A switch configured in Server mode can Add, Modify and Delete VLANs
      - The default VTP mode for all switches
  • Client Mode
      - A switch configured in Client mode cannot Add, Modify and Delete its VLAN configurations
      - Doesn't store its VLAN configuration information in the NVRAM. Instead, learns it from the server every time it boots up
  • Transparent Mode
      - A switch configured in Transparent mode can Add, Modify and Delete VLAN configurations.
      - Changes in one transparent switch will not affect any other switch.

59. Spanning Tree Protocol
  • Spanning Tree Protocol (STP) uses the Spanning Tree Algorithm to avoid switching loops in layer-2 devices (bridges or switches).
  • STP works when multiple switches are used with redundant links, avoiding Broadcast Storms, Multiple Frame Copies & Database instability.

60. STP Terminology
  • Root Bridge
      - The bridge with the Best (Lowest) ID.
      - Out of all the switches in the network, one is elected as a root bridge that becomes the focal point in the network.
  • BPDU
      - All switches exchange information through what are called Bridge Protocol Data Units (BPDUs)
      - BPDUs contain a lot of information to help the switches determine the topology and any loops that result from that topology.
      - BPDUs are sent every 2 sec

61. STP Terminology
  • Bridge ID
      - Each switch has a unique identifier called a Bridge ID or Switch ID
      - Bridge ID = Priority + MAC address of the switch
      - When a switch advertises a BPDU, it places its switch ID in that BPDU.
  • Non-Root bridge
      - All Switches other than the Root Bridge are Non-Root Bridges
  • Root port
      - The link directly connected to the root bridge, or the shortest path to the root bridge is a root port.
      - The port with the least cost to the root bridge

62. STP Terminology
  • Designated port
      - Either a root port or a port that has been determined as having the best (lower) cost
      - A designated port will be marked as a forwarding port.
  • Forwarding port
      - Port that forwards frames
  • Blocked port
      - Port that will not forward frames, in order to prevent loops. However, a blocked port will always listen to BPDUs.

63. STP - Port States
  • Blocking
  • Listening
  • Learning
  • Forwarding

64. [slide without transcript text]

65.
    Microsoft Windows 2000 [Version 5.00.2195]
    (C) Copyright 1985-2000 Microsoft Corp.

    C:> ping 192.168.20.2
    pinging 192.168.20.2 with 32 bytes of data:
    Reply from 192.168.20.2: bytes=32 time
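
Added example (not part of the original slides): the root bridge election and root port selection from the STP Terminology slides, written in Python. The three-switch topology, MAC addresses and path costs are constructed, and breaking equal-cost ties by the lowest neighbor bridge ID is an assumption the slides do not state.

```python
import heapq

# Constructed lab topology (not from the slides): name -> (priority, MAC).
# All three switches keep the same priority, so the MAC decides the election.
BRIDGES = {
    "SW1": (32768, "0200.0000.0003"),
    "SW2": (32768, "0200.0000.0001"),
    "SW3": (32768, "0200.0000.0002"),
}
# Constructed links: (bridge A, port on A, bridge B, port on B, path cost).
LINKS = [
    ("SW1", "Fa0/26", "SW2", "Fa0/26", 10),
    ("SW1", "Fa0/27", "SW3", "Fa0/26", 10),
    ("SW2", "E0/1", "SW3", "E0/1", 100),
]

def bridge_id(priority, mac):
    """Bridge ID as one integer: 2-byte priority followed by the 6-byte MAC."""
    return (priority << 48) | int(mac.replace(".", ""), 16)

def elect_root(bridges):
    """The bridge with the lowest bridge ID becomes the root bridge."""
    return min(bridges, key=lambda name: bridge_id(*bridges[name]))

def root_ports(bridges, links, root):
    """Return {bridge: (root port, cost to root)} for every non-root bridge."""
    adj = {name: [] for name in bridges}
    for a, port_a, b, port_b, cost in links:
        adj[a].append((b, port_a, cost))
        adj[b].append((a, port_b, cost))
    dist, heap = {root: 0}, [(0, root)]
    while heap:  # Dijkstra: least total path cost from the root to each bridge
        d, name = heapq.heappop(heap)
        if d > dist[name]:
            continue
        for nbr, _port, cost in adj[name]:
            if d + cost < dist.get(nbr, float("inf")):
                dist[nbr] = d + cost
                heapq.heappush(heap, (d + cost, nbr))
    ports = {}
    for name in bridges:
        if name == root or name not in dist:
            continue  # the root has no root port; unreachable bridges are skipped
        # Least cost via each local port; ties go to the lowest neighbor bridge ID.
        nbr, port, cost = min(
            (e for e in adj[name] if e[0] in dist),
            key=lambda e: (dist[e[0]] + e[2], bridge_id(*bridges[e[0]])))
        ports[name] = (port, dist[nbr] + cost)
    return ports
```

With equal priorities SW2 becomes root only because its MAC is the lowest; giving SW1 priority 4096 makes SW1 the root instead, which is why the priority of the intended root is set explicitly rather than left to the MAC comparison.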