CCNA V3 P4 Configuring a Catalyst Switch
Chia sẻ bởi Nguyễn Duy Diệu |
Ngày 29/04/2019 |
104
Chia sẻ tài liệu: CCNA V3 P4 Configuring a Catalyst Switch thuộc Bài giảng khác
Nội dung tài liệu:
© 2002, Cisco Systems, Inc. All rights reserved.
© 2002, Cisco Systems, Inc. All rights reserved.
2
Configuring a Catalyst Switch
Objectives
Upon completing this lesson, you will be able to:
Verify the default configuration of the device, given a functioning access layer switch
Configure the switch management IP address and the default gateway, given a functioning access layer switch and an IP addressing scheme
Execute an add, move, or change on an access layer switch, given a new network requirement
IP address: 0.0.0.0
CDP: enabled
100baseT port: autonegotiate duplex mode
Spanning tree: enabled
Console password: none
Catalyst 1900 and 2950 Default Configuration
wg_sw_1900#show run
Building configuration...
Current configuration:
!
!
interface Ethernet 0/1
!
interface Ethernet 0/2
wg_sw_1900#show spantree
Port Ethernet 0/1 of VLAN1 is Forwarding
Port path cost 100, Port priority 128
Designated root has priority 32768, address 0090.8673.3340
Designated bridge has priority 32768, address 0090.8673.3340
Designated port is Ethernet 0/1, path cost 0
Timers: message age 20, forward delay 15, hold 1
wg_sw_1900#show vlan-membership
Port VLAN Membership Type Port VLAN Membership Type
------------------------------------------------------------------
1 5 Static 13 1 Static
2 1 Static 14 1 Static
3 1 Static 15 1 Static
Port Names on
Catalyst 1900 Switches
wg_sw_2950#show run
Building configuration...
Current configuration:
!
!
interface FastEthernet0/1
!
interface FastEthernet0/2
wg_sw_2950#show spantree
Interface Fa0/1 (port 7) in Spanning tree 1 is FORWARDING
Port path cost 19, Port priority 128
Designated root has priority 32768, address 0008.a445.c980
Designated bridge has priority 32768, address 0008.a445.c980
Designated port is 7, path cost 0
Timers: message age 0, forward delay 0, hold 0
BPDU: sent 8316, received 4
wg_sw_2950#show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4,
Fa0/5, Fa0/6, Fa0/7, Fa0/8,
Fa0/9, Fa0/10, Fa0/11, Fa0/12,
Fa0/13, Fa0/14, Fa0/15, Fa0/16,
Fa0/17, Fa0/18, Fa0/19, Fa0/20,
Fa0/21, Fa0/22, Fa0/23, Fa0/24
Port Names on
Catalyst 2950 Switches
wg_sw_1900(config)#ip address 10.5.5.11 255.255.255.0
wg_sw_1900(config)#ip address {ip_address} {mask}
Configuring the
Switch IP Address
Configures an IP address and subnet mask on the switch
Catalyst 1900
wg_sw_2950(config)#interface vlan 1
wg_sw_2950(config-if)#ip address 10.5.5.11 255.255.255.0
wg_sw_2950(config-if)#ip address {ip_address} {mask}
Configures an IP address and subnet mask for the switch VLAN1 interface
Catalyst 2950
wg_sw_a(config)# ip default-gateway {ip address}
Configures the switch default gateway for the Catalyst 1900 and 2950 switches
Configuring the Switch Default Gateway
wg_sw_a(config)#ip default-gateway 10.5.5.3
Showing the Switch IP Address
Catalyst 1900
Catalyst 2950
wg_sw_1900#show ip
IP address: 10.5.5.11
Subnet mask: 255.255.255.0
Default gateway: 10.5.5.3
Management VLAN: 1
…
wg_sw_a#
wg_sw_2950#show interface vlan 1
Vlan1 is up, line protocol is up
Hardware is Cat5k Virtual Ethernet, address is 0010.f6a9.9800 (bia 0010.f6a9.9800)
Internet address is 172.16.80.79/24
Broadcast address is 255.255.255.255
. . .
wg_sw_2950#
Duplex Overview
Half Duplex (CSMA/CD)
Unidirectional data flow
Higher potential for collision
Hubs connectivity
Full Duplex
Point-to-point only
Attached to dedicated switched port
Requires full-duplex support on both ends
Collision-free
Collision detect circuit disabled
wg_sw_1900(config)#interface e0/1
wg_sw_1900(config-if)#duplex {auto | full |
full-flow-control | half}
Setting Duplex Options
Catalyst 1900
Catalyst 2950
wg_sw_2950(config)#interface fe0/1
wg_sw_2950(config-if)#duplex {auto | full | half}
Showing Duplex Options
Switch#show interfaces fastethernet0/3
FastEthernet0/3 is up, line protocol is down
Hardware is Fast Ethernet, address is 0000.0000.0003 (bia 0000.0000.0003)
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Half-duplex, 10Mb/s
input flow-control is off, output flow-control is off
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output never, output hang never
Last clearing of "show interface" counters never
Queueing strategy: fifo
Output queue 0/40, 0 drops; input queue 0/75, 0 drops
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 input packets with dribble condition detected
0 packets output, 0 bytes, 0 underruns
0 output errors, 0 collisions, 2 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
wg_sw_1900#show mac-address-table
Number of permanent addresses : 0
Number of restricted static addresses : 0
Number of dynamic addresses : 6
Address Dest Interface Type Source Interface List
------------------------------------------------------------------
00E0.1E5D.AE2F Ethernet 0/2 Dynamic All
00D0.588F.B604 FastEthernet 0/26 Dynamic All
00E0.1E5D.AE2B FastEthernet 0/26 Dynamic All
0090.273B.87A4 FastEthernet 0/26 Dynamic All
00D0.588F.B600 FastEthernet 0/26 Dynamic All
00D0.5892.38C4 FastEthernet 0/27 Dynamic All
Managing the MAC Address Table
Catalyst 1900
Catalyst 2950
wg_sw_2950#show mac-address-table
Dynamic Address Count: 1
Secure Address Count: 0
Static Address (User-defined) Count: 0
System Self Address Count: 25
Total MAC addresses: 26
Maximum MAC addresses: 8192
Non-static Address Table:
Destination Address Address Type VLAN Destination Port
------------------- ------------ ---- --------------------
0050.0f02.3372 Dynamic 1 FastEthernet0/2
wg_sw_1900(config)#mac-address-table permanent 2222.2222.2222 ethernet 0/3
wg_sw_1900#show mac-address-table
Number of permanent addresses : 1
Number of restricted static addresses : 0
Number of dynamic addresses : 4
Address Dest Interface Type Source Interface List
------------------------------------------------------------------
00E0.1E5D.AE2F Ethernet 0/2 Dynamic All
2222.2222.2222 Ethernet 0/3 Permanent All
00D0.588F.B604 FastEthernet 0/26 Dynamic All
00E0.1E5D.AE2B FastEthernet 0/26 Dynamic All
00D0.5892.38C4 FastEthernet 0/27 Dynamic All
wg_sw_1900(config)#mac-address-table permanent {mac-address type module/port}
Setting a Permanent MAC Address
wg_sw_2950(config)#mac-address-table static
mac_addr {vlan vlan_id} [interface int1 [int2 ... int15]]
Catalyst 1900 and 2950
Catalyst 2950 only
wg_sw_1900(config)#mac-address-table restricted static 1111.1111.1111 e0/4 e0/1
wg_sw_1900#show mac-address-table
Number of permanent addresses : 1
Number of restricted static addresses : 1
Number of dynamic addresses : 4
Address Dest Interface Type Source Interface List
------------------------------------------------------------------
1111.1111.1111 Ethernet 0/4 Static Et0/1
00E0.1E5D.AE2F Ethernet 0/2 Dynamic All
2222.2222.2222 Ethernet 0/3 Permanent All
00D0.588F.B604 FastEthernet 0/26 Dynamic All
00E0.1E5D.AE2B FastEthernet 0/26 Dynamic All
00D0.5892.38C4 FastEthernet 0/27 Dynamic All
wg_sw_1900(config)#mac-address-table restricted static
{mac-address type module/port src-if-list}
Setting a Restricted Static MAC Address on the Catalyst 1900
wg_sw_2950#mac-address-table secure 0003.3333.3333 fa 0/1 vlan 1
wg_sw_2950#show mac-address-table
Dynamic Address Count: 1
Secure Address Count: 1
Static Address (User-defined) Count: 1
System Self Address Count: 25
Total MAC addresses: 28
Maximum MAC addresses: 8192
Non-static Address Table:
Destination Address Address Type VLAN Destination Port
------------------- ------------ ---- --------------------
0050.0f02.3372 Dynamic 1 FastEthernet0/2
0003.3333.3333 Secure 1 FastEthernet0/1
Static Address Table:
Destination Address VLAN Input Port Output Ports
------------------- ---- ---------- -----------------------
2222.2222.2222 1 ALL Fa0/1
Setting a Restricted Static MAC Address on the Catalyst 2950
wg_sw_2950(config)#mac-address-table secure
hw-addr interface [vlan vlan-id]
wg_sw_1900(config)#interface e0/4
wg_sw_1900(config-if)#port secure
wg_sw_1900(config-if)#port secure max-mac-count 1
wg_sw_1900(config-if)#port secure [max-mac-count count]
Configuring Port Security
Catalyst 1900
Catalyst 2950
wg_sw_2950(config-if)#port security max-mac-count count
wg_sw_2950(config)#interface fa0/1
wg_sw_2950(config-if)#port security
wg_sw_2950(config-if)#port security max-mac-count 10
wg_sw_1900#show mac-address-table security
wg_sw_1900(config)#address-violation {suspend | disable | ignore}
wg_sw_1900#show mac-address-table security
Action upon address violation : Suspend
Interface Addressing Security Address Table Size
---------------------------------------------------------------
Ethernet 0/1 Disabled N/A
Ethernet 0/2 Disabled N/A
Ethernet 0/3 Disabled N/A
Ethernet 0/4 Enabled 1
Ethernet 0/5 Disabled N/A
Ethernet 0/6 Disabled N/A
Ethernet 0/7 Disabled N/A
Ethernet 0/8 Disabled N/A
Ethernet 0/9 Disabled N/A
Ethernet 0/10 Disabled N/A
Ethernet 0/11 Disabled N/A
Ethernet 0/12 Disabled N/A
Verifying Port Security
on the Catalyst 1900
wg_sw_2950#show mac-address-table secure
wg_sw_2950#show port-security
wg_sw_2950#show mac-address-table secure
Non-static Address Table:
Destination Address Address Type VLAN Destination Port
------------------- ------------ ---- --------------------
0003.3333.3333 Secure 1 FastEthernet0/1
Verifying Port Security
on the Catalyst 2950
wg_sw_2950(config-if)#port security action {shutdown | trap}
Executing Adds, Moves, and Changes
for MAC Addresses
Adding a MAC Address
Configure port security.
Configure the MAC address.
Changing a MAC Address
Remove MAC address restrictions.
Moving a MAC Address
Add the address to a new port.
Configure port security on the
new switch.
Configure the MAC address to the
port allocated for the new user
Remove the old port configuration.
Adding a New Switch
to the Network
Determine the IP address for management purposes.
Configure administrative access for the console, auxiliary, and virtual terminal (VTY) interfaces.
Configure security for the device.
Configure the access switch ports as necessary.
wg_sw_1950#copy nvram tftp://10.1.1.1/wgswd.cfg
Configuration upload is successfully completed
wg_sw_1950#copy tftp://10.1.1.1/wgswd.cfg nvram
TFTP successfully downloaded configuration file
wg_sw_1900#copy tftp://host/src_file nvram
wg_sw_1900#copy nvram tftp://host/dst_file
Managing the Configuration File
Catalyst 1900
wg_sw_2950#copy startup-config tftp://host/dst_file
Catalyst 2950
Resets the system configuration to factory defaults
Clearing NVRAM
wg_sw_1900#delete nvram
Resets the system configuration to factory defaults
wg_sw_2950#erase startup-config
Catalyst 1900
Catalyst 2950
Summary
A Catalyst switch comes with factory default settings that can be displayed with the show command.
To configure an IP address and subnet mask on a switch, use the ip address command. To configure a default gateway, use the ip default-gateway command.
Half-duplex transmission uses collision detection. The faster full-duplex mode is used for directly connected devices where collision detection isn’t needed.
Use the duplex command to configure switch duplex options.
MAC address tables include dynamic, permanent, and static addresses. Use the mac-address-table command to set permanent and static addresses.
Summary (Cont.)
Use the mac-address-table restricted static command
to associate a restricted static address with a particular port.
Secured ports restrict the use of a port to a user-defined group of stations, set with the port secure command.
As your network endpoint topology changes by adding new devices or interfaces, or moving or changing existing ones, you may need to modify the switch configuration.
The copy command can be used to copy a configuration from or to a file server, while the delete nvram command resets the switch configuration to the factory default settings.
Visual Objective 3-1:
Configuring the Switch
Pod Switch Router Ethernet
A 10.1.1.10 10.1.1.11
B 10.1.1.20 10.1.1.21
C 10.1.1.30 10.1.1.31
D 10.1.1.40 10.1.1.41
E 10.1.1.50 10.1.1.51
F 10.1.1.60 10.1.1.61
G 10.1.1.70 10.1.1.71
H 10.1.1.80 10.1.1.81
I 10.1.1.90 10.1.1.91
J 10.1.1.100 10.1.1.101
K 10.1.1.110 10.1.1.111
L 10.1.1.120 10.1.1.121
© 2002, Cisco Systems, Inc. All rights reserved.
2
Configuring a Catalyst Switch
Objectives
Upon completing this lesson, you will be able to:
Verify the default configuration of the device, given a functioning access layer switch
Configure the switch management IP address and the default gateway, given a functioning access layer switch and an IP addressing scheme
Execute an add, move, or change on an access layer switch, given a new network requirement
IP address: 0.0.0.0
CDP: enabled
100baseT port: autonegotiate duplex mode
Spanning tree: enabled
Console password: none
Catalyst 1900 and 2950 Default Configuration
wg_sw_1900#show run
Building configuration...
Current configuration:
!
!
interface Ethernet 0/1
!
interface Ethernet 0/2
wg_sw_1900#show spantree
Port Ethernet 0/1 of VLAN1 is Forwarding
Port path cost 100, Port priority 128
Designated root has priority 32768, address 0090.8673.3340
Designated bridge has priority 32768, address 0090.8673.3340
Designated port is Ethernet 0/1, path cost 0
Timers: message age 20, forward delay 15, hold 1
wg_sw_1900#show vlan-membership
Port VLAN Membership Type Port VLAN Membership Type
------------------------------------------------------------------
1 5 Static 13 1 Static
2 1 Static 14 1 Static
3 1 Static 15 1 Static
Port Names on
Catalyst 1900 Switches
wg_sw_2950#show run
Building configuration...
Current configuration:
!
!
interface FastEthernet0/1
!
interface FastEthernet0/2
wg_sw_2950#show spantree
Interface Fa0/1 (port 7) in Spanning tree 1 is FORWARDING
Port path cost 19, Port priority 128
Designated root has priority 32768, address 0008.a445.c980
Designated bridge has priority 32768, address 0008.a445.c980
Designated port is 7, path cost 0
Timers: message age 0, forward delay 0, hold 0
BPDU: sent 8316, received 4
wg_sw_2950#show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4,
Fa0/5, Fa0/6, Fa0/7, Fa0/8,
Fa0/9, Fa0/10, Fa0/11, Fa0/12,
Fa0/13, Fa0/14, Fa0/15, Fa0/16,
Fa0/17, Fa0/18, Fa0/19, Fa0/20,
Fa0/21, Fa0/22, Fa0/23, Fa0/24
Port Names on
Catalyst 2950 Switches
wg_sw_1900(config)#ip address 10.5.5.11 255.255.255.0
wg_sw_1900(config)#ip address {ip_address} {mask}
Configuring the
Switch IP Address
Configures an IP address and subnet mask on the switch
Catalyst 1900
wg_sw_2950(config)#interface vlan 1
wg_sw_2950(config-if)#ip address 10.5.5.11 255.255.255.0
wg_sw_2950(config-if)#ip address {ip_address} {mask}
Configures an IP address and subnet mask for the switch VLAN1 interface
Catalyst 2950
wg_sw_a(config)# ip default-gateway {ip address}
Configures the switch default gateway for the Catalyst 1900 and 2950 switches
Configuring the Switch Default Gateway
wg_sw_a(config)#ip default-gateway 10.5.5.3
Showing the Switch IP Address
Catalyst 1900
Catalyst 2950
wg_sw_1900#show ip
IP address: 10.5.5.11
Subnet mask: 255.255.255.0
Default gateway: 10.5.5.3
Management VLAN: 1
…
wg_sw_a#
wg_sw_2950#show interface vlan 1
Vlan1 is up, line protocol is up
Hardware is Cat5k Virtual Ethernet, address is 0010.f6a9.9800 (bia 0010.f6a9.9800)
Internet address is 172.16.80.79/24
Broadcast address is 255.255.255.255
. . .
wg_sw_2950#
Duplex Overview
Half Duplex (CSMA/CD)
Unidirectional data flow
Higher potential for collision
Hubs connectivity
Full Duplex
Point-to-point only
Attached to dedicated switched port
Requires full-duplex support on both ends
Collision-free
Collision detect circuit disabled
wg_sw_1900(config)#interface e0/1
wg_sw_1900(config-if)#duplex {auto | full |
full-flow-control | half}
Setting Duplex Options
Catalyst 1900
Catalyst 2950
wg_sw_2950(config)#interface fe0/1
wg_sw_2950(config-if)#duplex {auto | full | half}
Showing Duplex Options
Switch#show interfaces fastethernet0/3
FastEthernet0/3 is up, line protocol is down
Hardware is Fast Ethernet, address is 0000.0000.0003 (bia 0000.0000.0003)
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Half-duplex, 10Mb/s
input flow-control is off, output flow-control is off
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output never, output hang never
Last clearing of "show interface" counters never
Queueing strategy: fifo
Output queue 0/40, 0 drops; input queue 0/75, 0 drops
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 input packets with dribble condition detected
0 packets output, 0 bytes, 0 underruns
0 output errors, 0 collisions, 2 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
wg_sw_1900#show mac-address-table
Number of permanent addresses : 0
Number of restricted static addresses : 0
Number of dynamic addresses : 6
Address Dest Interface Type Source Interface List
------------------------------------------------------------------
00E0.1E5D.AE2F Ethernet 0/2 Dynamic All
00D0.588F.B604 FastEthernet 0/26 Dynamic All
00E0.1E5D.AE2B FastEthernet 0/26 Dynamic All
0090.273B.87A4 FastEthernet 0/26 Dynamic All
00D0.588F.B600 FastEthernet 0/26 Dynamic All
00D0.5892.38C4 FastEthernet 0/27 Dynamic All
Managing the MAC Address Table
Catalyst 1900
Catalyst 2950
wg_sw_2950#show mac-address-table
Dynamic Address Count: 1
Secure Address Count: 0
Static Address (User-defined) Count: 0
System Self Address Count: 25
Total MAC addresses: 26
Maximum MAC addresses: 8192
Non-static Address Table:
Destination Address Address Type VLAN Destination Port
------------------- ------------ ---- --------------------
0050.0f02.3372 Dynamic 1 FastEthernet0/2
wg_sw_1900(config)#mac-address-table permanent 2222.2222.2222 ethernet 0/3
wg_sw_1900#show mac-address-table
Number of permanent addresses : 1
Number of restricted static addresses : 0
Number of dynamic addresses : 4
Address Dest Interface Type Source Interface List
------------------------------------------------------------------
00E0.1E5D.AE2F Ethernet 0/2 Dynamic All
2222.2222.2222 Ethernet 0/3 Permanent All
00D0.588F.B604 FastEthernet 0/26 Dynamic All
00E0.1E5D.AE2B FastEthernet 0/26 Dynamic All
00D0.5892.38C4 FastEthernet 0/27 Dynamic All
wg_sw_1900(config)#mac-address-table permanent {mac-address type module/port}
Setting a Permanent MAC Address
wg_sw_2950(config)#mac-address-table static
mac_addr {vlan vlan_id} [interface int1 [int2 ... int15]]
Catalyst 1900 and 2950
Catalyst 2950 only
wg_sw_1900(config)#mac-address-table restricted static 1111.1111.1111 e0/4 e0/1
wg_sw_1900#show mac-address-table
Number of permanent addresses : 1
Number of restricted static addresses : 1
Number of dynamic addresses : 4
Address Dest Interface Type Source Interface List
------------------------------------------------------------------
1111.1111.1111 Ethernet 0/4 Static Et0/1
00E0.1E5D.AE2F Ethernet 0/2 Dynamic All
2222.2222.2222 Ethernet 0/3 Permanent All
00D0.588F.B604 FastEthernet 0/26 Dynamic All
00E0.1E5D.AE2B FastEthernet 0/26 Dynamic All
00D0.5892.38C4 FastEthernet 0/27 Dynamic All
wg_sw_1900(config)#mac-address-table restricted static
{mac-address type module/port src-if-list}
Setting a Restricted Static MAC Address on the Catalyst 1900
wg_sw_2950#mac-address-table secure 0003.3333.3333 fa 0/1 vlan 1
wg_sw_2950#show mac-address-table
Dynamic Address Count: 1
Secure Address Count: 1
Static Address (User-defined) Count: 1
System Self Address Count: 25
Total MAC addresses: 28
Maximum MAC addresses: 8192
Non-static Address Table:
Destination Address Address Type VLAN Destination Port
------------------- ------------ ---- --------------------
0050.0f02.3372 Dynamic 1 FastEthernet0/2
0003.3333.3333 Secure 1 FastEthernet0/1
Static Address Table:
Destination Address VLAN Input Port Output Ports
------------------- ---- ---------- -----------------------
2222.2222.2222 1 ALL Fa0/1
Setting a Restricted Static MAC Address on the Catalyst 2950
wg_sw_2950(config)#mac-address-table secure
hw-addr interface [vlan vlan-id]
wg_sw_1900(config)#interface e0/4
wg_sw_1900(config-if)#port secure
wg_sw_1900(config-if)#port secure max-mac-count 1
wg_sw_1900(config-if)#port secure [max-mac-count count]
Configuring Port Security
Catalyst 1900
Catalyst 2950
wg_sw_2950(config-if)#port security max-mac-count count
wg_sw_2950(config)#interface fa0/1
wg_sw_2950(config-if)#port security
wg_sw_2950(config-if)#port security max-mac-count 10
wg_sw_1900#show mac-address-table security
wg_sw_1900(config)#address-violation {suspend | disable | ignore}
wg_sw_1900#show mac-address-table security
Action upon address violation : Suspend
Interface Addressing Security Address Table Size
---------------------------------------------------------------
Ethernet 0/1 Disabled N/A
Ethernet 0/2 Disabled N/A
Ethernet 0/3 Disabled N/A
Ethernet 0/4 Enabled 1
Ethernet 0/5 Disabled N/A
Ethernet 0/6 Disabled N/A
Ethernet 0/7 Disabled N/A
Ethernet 0/8 Disabled N/A
Ethernet 0/9 Disabled N/A
Ethernet 0/10 Disabled N/A
Ethernet 0/11 Disabled N/A
Ethernet 0/12 Disabled N/A
Verifying Port Security
on the Catalyst 1900
wg_sw_2950#show mac-address-table secure
wg_sw_2950#show port-security
wg_sw_2950#show mac-address-table secure
Non-static Address Table:
Destination Address Address Type VLAN Destination Port
------------------- ------------ ---- --------------------
0003.3333.3333 Secure 1 FastEthernet0/1
Verifying Port Security
on the Catalyst 2950
wg_sw_2950(config-if)#port security action {shutdown | trap}
Executing Adds, Moves, and Changes
for MAC Addresses
Adding a MAC Address
Configure port security.
Configure the MAC address.
Changing a MAC Address
Remove MAC address restrictions.
Moving a MAC Address
Add the address to a new port.
Configure port security on the
new switch.
Configure the MAC address to the
port allocated for the new user
Remove the old port configuration.
Adding a New Switch
to the Network
Determine the IP address for management purposes.
Configure administrative access for the console, auxiliary, and virtual terminal (VTY) interfaces.
Configure security for the device.
Configure the access switch ports as necessary.
wg_sw_1950#copy nvram tftp://10.1.1.1/wgswd.cfg
Configuration upload is successfully completed
wg_sw_1950#copy tftp://10.1.1.1/wgswd.cfg nvram
TFTP successfully downloaded configuration file
wg_sw_1900#copy tftp://host/src_file nvram
wg_sw_1900#copy nvram tftp://host/dst_file
Managing the Configuration File
Catalyst 1900
wg_sw_2950#copy startup-config tftp://host/dst_file
Catalyst 2950
Resets the system configuration to factory defaults
Clearing NVRAM
wg_sw_1900#delete nvram
Resets the system configuration to factory defaults
wg_sw_2950#erase startup-config
Catalyst 1900
Catalyst 2950
Summary
A Catalyst switch comes with factory default settings that can be displayed with the show command.
To configure an IP address and subnet mask on a switch, use the ip address command. To configure a default gateway, use the ip default-gateway command.
Half-duplex transmission uses collision detection. The faster full-duplex mode is used for directly connected devices where collision detection isn’t needed.
Use the duplex command to configure switch duplex options.
MAC address tables include dynamic, permanent, and static addresses. Use the mac-address-table command to set permanent and static addresses.
Summary (Cont.)
Use the mac-address-table restricted static command
to associate a restricted static address with a particular port.
Secured ports restrict the use of a port to a user-defined group of stations, set with the port secure command.
As your network endpoint topology changes by adding new devices or interfaces, or moving or changing existing ones, you may need to modify the switch configuration.
The copy command can be used to copy a configuration from or to a file server, while the delete nvram command resets the switch configuration to the factory default settings.
Visual Objective 3-1:
Configuring the Switch
Pod Switch Router Ethernet
A 10.1.1.10 10.1.1.11
B 10.1.1.20 10.1.1.21
C 10.1.1.30 10.1.1.31
D 10.1.1.40 10.1.1.41
E 10.1.1.50 10.1.1.51
F 10.1.1.60 10.1.1.61
G 10.1.1.70 10.1.1.71
H 10.1.1.80 10.1.1.81
I 10.1.1.90 10.1.1.91
J 10.1.1.100 10.1.1.101
K 10.1.1.110 10.1.1.111
L 10.1.1.120 10.1.1.121
* Một số tài liệu cũ có thể bị lỗi font khi hiển thị do dùng bộ mã không phải Unikey ...
Người chia sẻ: Nguyễn Duy Diệu
Dung lượng: |
Lượt tài: 4
Loại file:
Nguồn : Chưa rõ
(Tài liệu chưa được thẩm định)