Switch and End Device Configuration

Questions and Answers

Which of the following is an example of an intermediary or interconnecting device?

• IP Camera
• Smartphone
• Router (correct)
• Laptop

The Cisco Internetwork Operating System (IOS) is stored in RAM and is lost when the device is powered off.

False (B)

What command is used to save the changes made in running configuration to the NVRAM?

copy running-config startup-config

The _________ command is used to remotely access a device's CLI, but is less secure than SSH due to its lack of encryption.

telnet

Match the following Cisco IOS modes with their descriptions:

User EXEC Mode = First level of access to the IOS CLI, limited commands available. Privileged EXEC Mode = Provides access to all commands and features, requires 'enable' command. Global Configuration Mode = Used to configure global settings for the device. Interface Configuration Mode = Used to configure specific interfaces on the device.

Which command is used to enter global configuration mode from privileged EXEC mode?

configure terminal (A)

The disable command is used to switch from user EXEC mode to privileged EXEC mode.

False (B)

In Cisco IOS, what command can be used to get a list of available commands or options for a specific command?

?

The IOS command show ______ displays the MAC address table on a switch.

mac-address-table

Match the hotkey/shortcut with their function in Cisco IOS:

Tab = Completes the remainder of the command or keyword Ctrl+R = Redisplays a line Ctrl+Z = Exits configuration mode and returns to the EXEC Ctrl+C = Aborts the current command and exits the configuration mode

Which of the following commands is used to view a device's current configuration file?

show running-config (D)

The startup configuration file is stored in RAM.

False (B)

What command is used to erase the startup configuration on a Cisco device?

erase startup-config

To prevent unauthorized access, the _________ should be configured with passwords.

console

Match the password type with its function in Cisco IOS:

Console Password = Secures access to the device via the console port. Enable Password = Secures access to privileged EXEC mode. Enable Secret Password = An encrypted password that also secures access to the privileged EXEC mode; overrides the enable password, if set. VTY Password = Secures remote access to the device via Telnet or SSH.

Which command is used to encrypt all cleartext passwords stored in the configuration file?

service password-encryption (C)

The banner motd command is used to display a message to users before they log into the device.

True (A)

What command is used to assign an IP address and subnet mask to an interface in Cisco IOS?

ip address

To enable an interface, use the no ______ command.

shutdown

Match the ping result indicator with its meaning:

! = Indicates receipt of an ICMP echo reply . = Indicates a timed out while waiting for a reply U = Indicates an ICMP unreachable message was received

What is the purpose of establishing a network baseline?

To monitor and troubleshoot network performance (B)

A ping sweep is used to collect running configuration files from multiple devices.

False (B)

Which command, when performed from a Windows command prompt, is used to trace the route to a destination?

tracert

The loopback address, _________, is used to test the internal configuration of a device.

127.0.0.1

Which command displays the ARP table of a device?

show arp (C)

A console connection requires an active Layer 3 address on the device.

False (B)

What is the file extension of the Cisco IOS image file?

There is no file extension mentioned.

The Cisco IOS is designed as a ________ operating system.

modal

Match the following concepts:

End Devices = PCs, Laptops, Smartphones Console = Uses a low-speed serial connection Ping = Effective tool used to test connectivity

The console port on a network switch is typically accessible even if:

The device has not been configured with any networking services (C)

The Secure Shell (SSH) protocol offers weaker password authentication compared to Telnet.

False (B)

To configure hostname on the device, which mode in the CLI we should use?

Global configuration mode

To negate the effects of a command, preface the command with the _________ keyword.

no

Match the command with the router mode:

enable = Privileged EXEC Mode configure terminal = Global Configuration Mode interface = Interface Configuration Mode

VTY lines allow access to a router via:

Telnet (B)

By default, Cisco routers are DCE devices.

False (B)

What is the first step to back up configuration with Text Capture (HyperTerminal)?

On the Transfer menu, click Capture Text.

If you are performing a trace from a Windows computer, you should use the _________ command.

tracert

Match the following command with its meaning:

copy running-config tftp = The running configuration file and the startup configuration file can be stored to a TFTP server. erase startup-config = To remove the startup configuration

The address for a switch is assigned to

a virtual interface represented as a Virtual LAN interface (VLAN). (C)

Ping uses the ICMP protocol to check for connectivity.

True (A)

What is the default hostname assigned to a router?

Router

Flashcards

End Devices

Devices such as PCs, laptops, tablets, smartphones, IP Cameras, IP Phones, Servers, etc.

Intermediary Devices

Devices such as Routers, Switches, Wireless Access Points and Firewalls.

Network Operating System

The operating system on a network device.

Cisco IOS

The system software in Cisco devices.

Command Line Interface (CLI)

A text-based interface used to configure and manage network devices.

Console Access

A low-speed serial connection to connect directly to a router or switch.

Console Port

A management port that provides out-of-band access to a router.

Telnet

A method for remotely accessing a CLI session on a router.

Secure Shell (SSH)

A secure alternative to Telnet that provides encrypted communication.

Running Configuration File

A configuration file used during the current operation of the device, stored in RAM.

Startup Configuration File

A configuration file loaded when the device is restarted, stored in NVRAM.

User Executive Mode

The first level of access to the CLI, with limited commands.

Privileged Executive Mode

A higher level of access in the CLI, allowing configuration and management commands.

Global Configuration Mode

A CLI mode used to make global configurations to the device.

Specific Configuration Modes

A CLI mode used to configure specific parts of the device, like interfaces.

Ping

A command used to test connectivity to another device.

Traceroute

A command to trace the path of a packet across a network.

Context-Sensitive Help

Provides a list of commands and arguments at any prompt via a question mark.

Command Syntax Check

IOS checks for ambiguity, incompleteness and incorrect syntax.

Show Version

Shows current IOS, uptime, and interfaces.

Show Running-Config

Shows the current active configuration.

Show Startup-Config

Shows saved configuration in NVRAM.

Save Configuration Command

Copies the running configuration to the startup configuration.

Configure Hostname

Changes the device’s name in the CLI.

Console Password

Used for console access security.

Enable Password

A password for elevated privileges.

Enable Secret Password

The encrypted version of the enable password.

VTY Password

Passwords for remote Telnet access.

MOTD Banner

A welcome message to users connecting to a network device.

Backup to TFTP

Copies the configuration to a TFTP server for backup.

Erase Startup-Config

Removes startup-config from NVRAM.

Configure Ethernet Interface

Assigns an address (IP) and subnet mask to a router ethernet interface.

Interface Description

Indicates the purpose of a network interface.

Ping Command

An effective way to test network connectivity.

Local Loopback Test

Verifies protocol stack operation.

Tracert

Traces the route to a destination from Windows .

Traceroute

Traces the route to a destination on a router CLI.

ARP Command

Mapping from a physical address to a known IPv4.

Show MAC Address-Table

To see connected devices.

Study Notes

Basic Switch and End Device Configuration

• Chapter 2 outlines the basic configuration of switches and end devices.

Device Types

• End devices include PCs, laptops, tablets, smartphones, IP Cameras, IP Phones, and Servers.
• Intermediary or Interconnecting Devices include Routers, Switches, Wireless Access Points and Firewalls.
• The operating system enables the hardware to function.
• The operating system on a network device is a Network Operating System.

Cisco IOS

• Cisco Internetwork Operating System (IOS) is the system software in Cisco devices.
• Services are often accessed via a command line interface (CLI).
• The IOS file is several megabytes in size.
• IOS file is stored in Flash memory, which is non-volatile.
• IOS is copied into RAM when the device is powered on.

CLI Access Methods

• CLI environment can be accessed via console (CTY), Telnet/SSH, or AUX port.

Console Access

• Console uses a low speed serial connection to connect a computer/terminal to the console port on the router/switch.
• The console port is a management port which provides out-of-band access to a router.
• The console port can be accessed even with no networking services configured.
• The console should be configured with passwords which prevent unauthorized device access.

Telnet and SSH

• Telnet allows remote CLI session access.
• The network device needs at least one active interface configured with a Layer 3 address like an IPv4 address.
• A Telnet client can access vty sessions running on the Cisco device.
• Telnet sessions use a password for minimum authentication.
• Secure Shell (SSH) protocol is more secure than Telnet, which provides password authentication and utilizes encryption.

AUX Port

• CLI sessions can be established via telephone dialup using a modem connected to a router's AUX port.
• Not all routers have an auxiliary port.

Configuration Files

• There are two types of configuration files: running and startup.
• The running configuration file is used during the current operation which is stored in RAM.
• The startup configuration file is loaded when the device is restarted and stored in NVRAM, loading into RAM at restart.
• Configuration files are stored remotely on a server like a TFTP server as a backup.

Cisco IOS Modes

• Cisco IOS is designed as a modal operating system.
• User Executive mode prompt is >, for first entrance into the CLI.
• Privileged executive mode prompt is #, also called "enable" mode, used for configuration and management command execution.
• "enable" and "disable" change the CLI between user EXEC and privileged EXEC modes, respectively.
• To switch between User and Privileged Modes, type "Router>enable".
• If password authentication is configured, type "Router>enable" then "Password" then "Router#".
• Disable command returns from privileged EXEC to user EXEC mode.

Other Configuration Modes

• Global configuration mode which has a (config)# prompt, is used to do global configurations.
• Pass from privileged mode to global config mode by using "Router#configure terminal".
• Specific configuration modes which have a (config-if)# prompt, does specific configurations to the device.
• To configure interface fa0/1 is "Router(config)#interface fa0/1" then the prompt changes to "Router(config-if)#".
• To exit a specific configuration mode, enter "exit" at the prompt.
• To completely leave configuration mode, enter "end" or use the key sequence Ctrl-Z.

Ping and Trace Commands

• Ping is executed with "Router>ping IP address" or "Router>ping 10.10.10.5".
• Traceroute is executed with "Switch>traceroute IP address" or "Switch>traceroute 192.168.254.254".

Help Features

• Context-sensitive help lists commands and arguments and is accessed by entering a question mark (?) at any prompt.
• Command Syntax Check has three error messages: Ambiguous command, Incomplete command, and Incorrect command.

Hot Keys and Shortcuts

• Tab completes the command or keyword
• Ctrl-R redisplays a line
• Ctrl-Z exits configuration mode.
• Down Arrow allows user to scroll forward through former commands.
• Up Arrow allows user to scroll backward through former commands.
• Ctrl-Shift-6 interrupts an IOS process, like ping or traceroute.
• Ctrl-C aborts the current command and exits the configuration mode.

Show Command

• Show command is the examination command.
• "#show version" shows the Software Version (IOS version stored in flash).
• "#show version" shows the Bootstrap Version which is stored in Boot ROM.
• "#show version" shows the System up-time which is the time since last reboot.
• "#show version" shows the System restart info which is the method of restart.
• "#show version" shows the Software image name which is the IOS filename stored in flash.
• "#show version" shows Router Type and Processor type which is the model number and processor type
• "#show version" shows Memory type and allocation (Shared/Main) which is the main Processor RAM and Shared Packet I/O buffering
• "#show version" shows Software Features which refers to supported protocols / feature sets.
• "#show version" shows Hardware Interfaces which are the interfaces available on router.
• "#show version" shows Configuration Register which sets bootup specifications and console speed setting.
• "show arp" displays the ARP table of the device.
• "show mac-address-table" displays the MAC table of a switch.
• "show startup-config" displays the saved configuration located in NVRAM.
• "show running-config" displays the contents of the currently running configuration file.
• When a command returns more output than can be displayed on a single screen, press the Spacebar to view the next portion or press the Enter key for only the next line.

Save Configuration

• The running configuration is saved to the startup configuration file with the command "Router#copy running-config startup-config".

Configure Hostname

• Routers use a factory-assigned hostname value of "Router", while switches use "Switch".
• To configure a hostname:
  • Router#configure terminal
  • Router(config)#
  • Router(config)#hostname AtlantaHQ
  • AtlantaHQ(config)#
• To negate the effects of a command, preface the command with the no keyword: AtlantaHQ(config)# no hostname

Configuring Passwords and Banners

• Types of Passwords include console, enable, vty, and enable secret.
• Console password configuration:
  • Switch(config)#line console 0
  • Switch(config-line)#password password
  • Switch(config-line)#login
• Zero represents the first console interface for a router.
• To configure an Enable password: Router(config)#enable password password
• To configure an Enable secret password: Router(config)#enable secret password
• vty lines allow access to a router via Telnet where Cisco devices support 5 VTY lines numbered 0 to 4 by default.
• To configure a password for vty lines:
• Router(config)#line vty 0 4
• Router(config-line)#password password
• Router(config-line)#login
• Enable password encryption using the command "(config)#service password-encryption"
• This command enables encryption of passwords when configured.
• A common banner is the MOTD (message of the day).
• To configure MOTD: Switch(config)#banner motd # message #

Backing up Configurations Offline

• Running and startup configuration files can be stored to a TFTP server.
• The command is #copy running-config tftp, will require the IP address of the host to be entered.
• It is necessary to assign a name to the configuration file.

Removing Startup Configuration

• The following will remove the startup configuration: Router#erase startup-config
• After removing the startup configuration from NVRAM, reload the device.

Backup Configurations with Text Capture using HyperTerminal

1. On the Transfer menu, click Capture Text.
2. Choose a location.
3. Click Start to begin capturing text.
4. Execute the show running-config or show startup-config command at the privileged EXEC prompt.
5. Check output to verify it was not corrupted.

Backup Configurations with Text Capture (TeraTerm)

1. On the File menu, click Log.
2. TeraTerm will begin capturing text and choose the location.
3. Execute the show running-config or show startup-config command at the privileged EXEC prompt
4. Select Close in the TeraTerm: Log window, when the capture is complete.
5. Check the output to verify that it was not corrupted.

Restoring Text Configurations

• The device is set in global configuration mode to receive commands.
• To restore with HyperTerminal:

1. Locate the file and open the text document.
2. Copy the text.
3. On the Edit menu, click paste to host.

• To restore with TeraTerm:

1. On the File menu, click Send file.
2. Locate the file and click Open.
3. TeraTerm will paste the file into the device.

Configuring Interfaces

• Every router interface has a unique IPv4 address and subnet mask.
• To configure an Ethernet interface:
  • Router(config)#interface FastEthernet 0/0
  • Router(config-if)#ip address ip_address netmask
  • Router(config-if)#no shutdown

Serial Interfaces

• Serial interfaces need a clock signal to control communications timing.
• The DCE device like a CSU/DSU provides the clock in most environments.
• Cisco routers are DTE devices by default, but are configured as DCE devices.
• Configuration:
  • Router(config)#interface Serial 0/0/0
  • Router(config-if)#clock rate 56000
  • Router(config-if)#no shutdown

Interface Description

• Interface description indicates the purpose.
• Configuration:
  • HQ-switch1(config)#interface fa0/0
  • HQ-switch1(config-if)#description Connects to main
  • switch in Building A

Switch Interface Configuration

• To manage a switch via Telnet or SSH, assign an IP address.
• A switch address is assigned to a virtual VLAN interface where VLAN 1 is used most of the time.
• It is necesary to define a the "ip default-gateway" command so the switch can communicate outside the local network.

Ping Command

• The Ping command effectively tests connectivity.
• Ping uses the ICMP protocol to check for connectivity (Echo Request and Echo Reply).
• Results:
  • ! indicates receipt of an ICMP echo reply
  • . indicates a timed out while waiting for a reply
  • U indicates an ICMP unreachable message was received

Ping Testing

• Test 1: Local Loopback (verifies the proper operation of the protocol stack while 127.0.0.1 is called a loopback address. "C:>ping 127.0.0.1"
• Test 2: Local NIC (verifies that the NIC driver and most of the NIC hardware have worked correctly "C:>ping 192.168.23.3")
• Test 3: Ping Local Gateway. "C:>ping 192.168.23.254"
• Test 4: Ping Remote Host "C:>ping 192.168.11.1"

Trace Command

• Use tracert when running a trace from Windows.
• Use traceroute when running a trace from a router CLI.

Basic Network Baselines

• Establishing a network baseline is effective for monitoring and troubleshooting network performance.
• A baseline studies the network to ensure it's working as designed.
• Begin a baseline by copying/pasting results from ping, trace, or commands into a text file, stamping it with the date and saving it.

ARP Command

• The arp command maps physical addresses to known IPv4 addresses.
• C:\host1>arp –a which lists all devices in the ARP cache showing the IPv4/physical address/addressing type.
• The router cache can be cleared with "arp-d" to allow the repopulation of the cache.

Ping Sweep

• ping sweep employs a range of IP addresses to collect MAC addresses.
• A range of hosts is specified to ping with one command.
• Ping Sweep network data is generated in two ways: a table of responding hosts and IP/MAC addresses.
• A ping sweep makes an ARP request to get the MAC address when each ping is attempted, while activating each host with recent access and ensure that ARP is current.

Show MAC Table

• "Sw1-2950#show mac address-table" which displays how many hosts are connected to a switch.