CertPrs8/CCNA® Cisco Certified Network Associate Study Guide/Richard Deal/149728-5/Chapter 12

12 Initial Switch Configuration

CERTIFICATION OBJECTIVES
12.01 2960 Overview
12.02 Switch Startup
12.03 Basic Switch Configuration
12.
12.05
The 2940, 2955, and 2960 series of switches are Cisco’s current desktop and workgroup switching solution; they replace the 1900 and 2950 switches. The new switches support Fast Ethernet and Gigabit Ethernet interfaces.
Before you begin connecting any cables to your Cisco switches, you should become familiar with their chassis and interfaces. First, you should understand how to turn on your Cisco device, what interfaces it has, and the meanings of the various LEDs (light-emitting diodes) on the chassis. The next few sections cover this in more depth for the 2960.
TABLE 12-2 2960 SYSTEM and RPS LEDs

LED     Color  Description
SYSTEM  Green  The system is up and operational.
SYSTEM  Amber  The system experienced a malfunction.
SYSTEM  Off    The system is powered down.
RPS     Green  The RPS is attached and operational.
RPS     Amber  The RPS is installed but is not operational. Check the RPS to ensure that it hasn’t failed.
TABLE 12-3 Status Mode and Port LEDs

LED Color                 LED Meaning
Green                     A powered-up physical layer connection to the device is attached to the port.
Flashing green            Traffic is entering and/or leaving the port.
Flashing green and amber  An operational problem is occurring with the port—perhaps excessive errors or a connection problem.
Switch Bootup Process

For your initial access to the switch, make sure you plug the rollover cable into the switch’s console port and the other end into the COM port of your computer. Start up a terminal emulation program such as HyperTerminal, Tera Term, or PuTTY to view the command-line interface (CLI) output of the switch.
executing...
Restricted Rights Legend
Use, duplication, or disclosure by the Government is subject to restrictions as set forth in subparagraph (c) of the Commercial Computer Software – Restricted Rights clause at FAR sec. 52.227-19 and subparagraph (c) (1) (ii) of the Rights in Technical Data and Computer Software clause at DFARS sec. 252.227-7013.
Cisco Systems, Inc.
This product contains cryptographic features and is subject to United States and local country laws governing import, export, transfer and use. Delivery of Cisco cryptographic
. . .
cisco WS-C2950-24TT-L (PowerPC405) processor (revision D0) with 61440K/4088K bytes of memory.
configuration on the switch. When posing questions, the setup script uses brackets ([ and ]) to indicate default values. Leaving these answers blank (that is, not supplying an answer) results in the script accepting the value indicated in brackets for the configuration component.
Interface
Vlan1
FastEthernet0/1
FastEthernet0/2
. . .
CertCam ON THE CD 12.01. The CD contains a multimedia demonstration of the bootup process of a 2950 switch.

At the end of the script, type 2 to accept and activate your changes, as well as save the configuration to NVRAM. Entering 0 aborts the script, and entering 1 starts the script over, using what you just entered as the defaults for the questions you were just asked.
addressing information on the switch: an IP address associated with an interface and a default gateway address.
FIGURE 12-2 Simple switch configuration example: PC-A 10.0.1.10/24 0000.1111.AAAA; PC-B 10.0.1.11/24 0000.1111.CCCC; Switch-A 10.0.1.2/24 (1, 2, 3); Router-A FA0/0: 10.0.1.1/24 0000.1111.
EXERCISE 12-1 (ON THE CD)
Configuring the Switches

In this exercise, you will create a basic configuration on the 2950 switches using Boson’s NetSim simulator on the CD-ROM switch. If you have closed the simulator since the last lab, the simulator will automatically load Chapter 11’s completed configuration.

1. Start up the simulator. Click the LabNavigator button.
Now configure the 2950-2 switch. The commands are the same, except use the appropriate configuration information: the IP address is 192.168.1.3/24. Test connectivity to the Host-1 PC and 2950-1 switch.

1. Click the eSwitches icon in the toolbar and choose 2950-2.
2.
CERTIFICATION OBJECTIVE 12.04
Basic Switch Operation and Verification

This section focuses on the basic operations of a switch, such as learning MAC addresses and basic verification commands.

MAC Address Table

You’ll recall that one of the three main functions of a switch is to learn which devices—that is, MAC addresses—are associated with which interfaces or ports.
Be familiar with the output of the show mac-address-table command. If a destination MAC address is not in the table (unknown), the switch will flood it.

Static MAC Addresses

In addition to having the switches learn MAC addresses dynamically, you can manually create static entries. You might want to do this for security reasons.
EXERCISE 12-2 (ON THE CD)
CAM Tables

The following sections deal with the CAM table and port security. This exercise will help you become more familiar with the CAM table on a 2950 switch. You’ll perform this lab using Boson’s NetSim simulator. You can find a picture of the network diagram for the simulator in the Introduction of this book.

1.
12. At the top of the simulator in the menu bar, click the eStations icon and choose Host-2. Enter ipconfig /all and compare the MAC address of the PC to that learned by the 2950-1 switch on fastethernet0/4.

You should be more comfortable with the CAM table on Cisco switches.

CERTIFICATION OBJECTIVE 12.
switch(config-if)# switchport port-security
switch(config-if)# switchport port-security maximum value
switch(config-if)# switchport port-security violation protect|restrict|shutdown
switch(config-if)# switchport port-security mac-address MAC_address
switch(config-if)# switchport port-security mac-address sticky

Be familiar with configuring port security with the switchp
When an interface is disabled because of a violation with port security, you can reset the interface with this Configuration mode command: errdisable recovery cause psecure-violation. The last two commands in the preceding code listing affect how the switch learns the secure MAC addresses on the interface.
Configured MAC Addresses : 1
Aging time : 0 mins
Aging type : Absolute
SecureStatic address aging : Disabled
Security Violation count : 0

In this example, you can see that port security is enabled, the violation mode is restrict, the maximum number of MAC addresses that can be connected to the port is 1, and one MAC address has to be statically configured for the port.
In this example, three MAC addresses are associated with FA0/1, where the first two were learned dynamically and the last one was statically configured.

CertCam ON THE CD 12.03. The CD contains a multimedia demonstration of configuring and verifying port security on a switch.
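An added example (not from the book): a short Python audit that reads interface stanzas using the port-security commands listed above and reports each port's effective settings, filling in the defaults this chapter gives. The sample configuration is constructed and the function names are hypothetical; the points that only the bare switchport port-security command turns the feature on and that protect mode does not count violations are standard IOS behavior, not text visible on this page.

```python
# Defaults stated in this chapter: max 1 MAC, violation shutdown, dynamic learning.
DEFAULTS = {"enabled": False, "maximum": 1, "violation": "shutdown", "sticky": False}
# Constructed sample configuration for illustration (not from the book).
SAMPLE_CONFIG = """\
interface FastEthernet0/1
 switchport port-security
 switchport port-security maximum 2
 switchport port-security violation restrict
 switchport port-security mac-address sticky
!
interface FastEthernet0/2
 switchport port-security maximum 3
 switchport port-security mac-address 0000.1111.aaaa
!
interface FastEthernet0/3
 switchport port-security
 switchport port-security violation protect
"""

def parse_port_security(config):
    """Return {interface: effective port-security settings} for a config text."""
    ports, current = {}, None
    for raw in config.splitlines():
        line = raw.strip()
        if raw.startswith("interface "):
            current = ports.setdefault(line.split(None, 1)[1], {**DEFAULTS, "static_macs": []})
        elif current is not None and line.startswith("switchport port-security"):
            args = line.split()[2:]
            if not args:                      # bare command enables the feature
                current["enabled"] = True
            elif args[0] == "maximum":
                current["maximum"] = int(args[1])
            elif args[0] == "violation":
                current["violation"] = args[1]
            elif args[:2] == ["mac-address", "sticky"]:
                current["sticky"] = True      # sticky learning turned on
            elif args[0] == "mac-address":
                current["static_macs"].append(args[1])
    return ports

def audit(ports):
    """Flag ports where the feature is off or violations go uncounted."""
    findings = []
    for name, s in ports.items():
        if not s["enabled"]:
            findings.append((name, "port security not enabled"))
        elif s["violation"] == "protect":
            findings.append((name, "protect mode does not count violations"))
    return findings
```

On the sample, FastEthernet0/2 is flagged even though it sets a maximum and a static address, because the enabling command is missing from its stanza.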
CERTIFICATION SUMMARY

This chapter focused on basic configuration tasks specific to Cisco Catalyst switches. The 2960 switches were introduced, including the meaning of their LEDs and the use of the MODE button. When a switch boots up, it runs POST, loads the IOS, and then loads its configuration.
TWO-MINUTE DRILL

2960 Overview
❑ The 2960 switches support Fast Ethernet and/or Gigabit Ethernet interfaces.
❑ The SYSTEM LED will be amber if the switch experiences a malfunction.
❑ The MODE button is used to change the meanings of the port LEDs.
❑ The defaults for port security are learning one MAC address on the interface with a violation mode of shutdown.
❑ Sticky learning allows a switch to dynamically learn which MAC addresses are associated with an interface, as well as saving these in the running configuration of the switch.
SELF TEST

The following Self Test questions will help you measure your understanding of the material presented in this chapter. Read all the choices carefully, as there may be more than one correct answer. Choose all correct answers for each question.

2960 Overview

1. The SYSTEM LED will be __________ if the switch has experienced a malfunction.
A. green
B. off
C. amber
D. red

2.
Basic Switch Operation and Verification

6. Enter the switch command that allows you to see the contents of the port address table: __________.

7. Examine the following MAC address table on a switch. What will happen if a switch sees a frame with a destination MAC address of 0000.1111.DDDD?
Switch> Vlan ---1 1 1
A. B. C. D.
SELF TEST ANSWERS

2960 Overview

1. ✓ C. The SYSTEM LED will be amber if the switch has experienced a malfunction.
A is incorrect because green indicates that the switch is operational. B is incorrect because the LED is off when the switch is turned off. D is not a valid color for the system LED.

2. ✓ D. 100BaseTX uses RJ-45 connectors, not MIC connectors. MIC connectors are used for
Port Security Feature

8. ✓ A. Port security is used to prevent unauthorized access to a LAN.
B is incorrect because 802.1Q is a VLAN trunking protocol. C and D are used to restrict access to the switch, not to the LAN for which the switch provides connectivity.

9. ✓ C. Dynamic, not sticky, learning is the default.
A, B, and D are defaults and thus incorrect.