Setting up a Cisco Switch from Scratch

This blog is probably going to be really “no-duh” for most people. But I’ve had questions over the years on how to setup a switch from scratch and how to enable management from it remotely. So, I wiped my switch config and started over. After reloading the switch I was brought to the “Initial Configuration Dialog”. You can either choose to go through that or not. The initial config is basically just getting an IP address setup for management, setting up a username and setting up the “enable” password. You can see below what the init dialog looks like.

init-config

From there, you’ll have just a few more things to do in order to have a base config up and running, and enable remote access. We need to create a certificate, specify the domain name, secure SSH, and then setup the VTY lines. Let’s get that done here:

Erdmanor3750G#  conf t
Erdmanor3750G(config)#  
Erdmanor3750G(config)#  ip domain-name erdmanor.com
Erdmanor3750G(config)#  
Erdmanor3750G(config)#  crypto key generate rsa general-keys modulus 2048
The name for the keys will be: Erdmanor3750G.erdmanor.com

% The key modulus size is 2048 bits
% Generating 2048 bit RSA keys... [OK]
00:15:32 %SSH-5-ENABLED: SSH 1.99 has been enabled

Erdmanor3750G(config)#  
Erdmanor3750G(config)#  ip ssh version 2
Erdmanor3750G(config)#  
Erdmanor3750G(config)#  line vty 0 15
Erdmanor3750G(config-line)#  
Erdmanor3750G(config-line)#  transport input ssh
Erdmanor3750G(config-line)#  login local
Erdmanor3750G(config-line)#  exit
Erdmanor3750G(config)#  
Erdmanor3750G(config)#  username steve privilege 15 password MyP@ssW0rd
Erdmanor3750G(config)#  
Erdmanor3750G(config)#  service password-encryption
Erdmanor3750G(config)#


Now we can go back to our Linux box and log in from the command line.

steve @ debianvm ~ :) ##   ssh 3
The authenticity of host '192.168.86.3 (192.168.86.3)' can't be established.
RSA key fingerprint is 11:4e:b6:34:72:23:9a:0f:03:28:f0:e2:c9:b7:cc:20.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.86.3' (RSA) to the list of known hosts.
steve@192.168.86.3's password:
Erdmanor3750G#
Erdmanor3750G#exit
Connection to 192.168.86.3 closed.
steve @ debianvm ~ :) ##


Hope this was helpful!



http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2960/software/release/12-2_53_se/configuration/guide/2960scg/swauthen.html

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)
Tagged , , , . Bookmark the permalink.

Comments are closed.