Note

๐Ÿ‘‰ ๐Ÿ‘‰ ⭐ For Sponsored/Guest Articles, please email us on ๐Ÿ“ง networks.baseline@gmail.com ⭐

CCNA RnS Article #20: Configure IP to Manage Switch

 

CCNA RnS Article #20: Configure IP to Manage Switch

In this article, let’s talk about where and what to configure so that a switch can be accessed remotely. A switch has multiple interfaces or ports to configure, and it is sometimes difficult for inexperienced member how to configure a switch initially so that it can be reachable remotely. So without further ado let’s deep into this.   

This article is only covering the Layer 2 functionality of the switch and we are not talking about configuring advanced features to use Layer 3 functionality. A switch by default doesn’t need an IP address to forward the frame between ports as its default configuration setting is that way that makes a Cisco Switch a plug-n-play device. There is VLAN 1 already configured and all the physical ports are in VLAN 1. All the devices in VLAN 1 can communicate with each other without any further configuration on the switch (considering all the devices are part of the same subnet).

Just as we configure a laptop or desktop with an IP address, we also need the same configuration settings for the switch to access remotely.

Figure 1: IPv4 Address setting for NIC on laptop

An Ethernet Switch has a virtual Interface called the SVI Interface or more commonly known as VLAN Interface. This virtual Interface is NIC for a Switch and you need to configure minimum IP, Subnet Mask to access the switch from your workstation in the same LAN.

As we already discussed, VLAN 1 is already configured on the switch by default and we need to configure the IP address to VLAN 1 interface.

Switch# config t

Switch(config)#interface vlan 1

Switch(config-if)#ip address 192.168.1.1 255.255.255.0

Switch(config-if)#no shutdown

Switch(config-if)#end

Switch# wr

The no shutdown command is to enable an interface administratively. You as an admin have the privilege to disable or enable an interface (physical and logical both). If an interface is in a shutdown state, it is called administratively down. To bring the interface Administratively UP, you need no shutdown command and to admin down an interface you use the shutdown command. An interface in an administrative down state does not forward the traffic.

A layer 2 switch needs an IP address that you can use to access the switch. This IP address can be configured on any VLAN interface. Yes, there can be multiple VLANs in a switch for security or segmentation purposes. By default, VLAN 1 is available, we have used the same for management. However, for security reasons and other internal communications, it is recommended not to use VLAN 1 for switch management.

As all the physical interfaces on a switch are in VLAN 1, VLAN 1 SVI interface comes up automatically and you can SSH or Telnet a switch with an IP address configured on VLAN 1. Sometimes, when you configure another VLAN for management, let’s say VLAN 10. You need to make sure at least one physical interface on the switch is assigned to VLAN 10. Else, the SVI interface for VLAN 10 will not come up and you will not be able to access the switch using the IP configured on SVI VLAN 10.

You are good with your Local network limited to a single site/room/area where the hosts are connected to the same switch directly using Ethernet connections.  To communicate with other hosts as they are in the same VLAN 1. In a layer 2 switch scenario, if you want to send traffic to the internet, or some other network – you need the same “default gateway” IP address that we configure on a PC or Laptop. It has the same function in the L2 switching environment.

The default Gateway is generally a Broadband modem at home or a router in an Enterprise network. Its role is to connect multiple networks together and make communication possible between different networks. The command to configure the default gateway in the switch is –

Switch(config)#ip default-gateway 192.168.1.254

Other commands to help you

There is a lot that happens in a switch when it is UP and forwarding traffic in a network. All that is events or messages that log into the memory. But when you are connected to a switch using a console cable these messages keep flashing on the screen. Sometimes it is frustrating as these messages may appear anytime I mean when you type a command or execute a command and observe the output.

You can disable this feature by using the no logging console command and revert to the original setting using the logging console command. There is another command logging synchronous to tell the system to synchronize these unsolicited messages with show command output.  

Console connections are automatically terminated after 5 minutes if you don’t do anything in this session. The exec-timeout command tells the device to increase or decrease the inactivity time in the console session.

Switch(config-line)#exec-timeout 10

The above command tells the switch to disconnect the session after 10 minutes if the administrator doesn’t perform any action. The value of “0” tells the switch never time out the console session.

Switch(config-line)#exec-timeout 0 0

And finally, a command that saves your time when you mistype any command. You can execute a command when the command prompt is available to take command.

! Command prompt to take commands

Hostname#

When you mistype a command, the switch thinks it is a domain name that you want to resolve, and it waits for domain responses to come before you can type the correct command. It is sometimes very frustrating. You can use a no ip domain-lookup command to disable name resolution to IP address. I hope you find this informative!

   Continue Reading...


No comments