CCNA RnS Article #20: Configure IP to Manage Switch
CCNA RnS Article #20: Configure IP to Manage Switch
In this article, let’s talk about where and what to
configure so that a switch can be accessed remotely. A switch has multiple
interfaces or ports to configure, and it is sometimes difficult for inexperienced
member how to configure a switch initially so that it can be reachable remotely.
So without further ado let’s deep into this.
This article is only covering the Layer 2 functionality of
the switch and we are not talking about configuring advanced features to use Layer
3 functionality. A switch by default doesn’t need an IP address to forward the
frame between ports as its default configuration setting is that way that makes
a Cisco Switch a plug-n-play device. There is VLAN 1 already configured and all
the physical ports are in VLAN 1. All the devices in VLAN 1 can communicate with
each other without any further configuration on the switch (considering all the
devices are part of the same subnet).
Just as we configure a laptop or desktop with an IP address,
we also need the same configuration settings for the switch to access remotely.
Figure 1:
IPv4 Address setting for NIC on laptop
An Ethernet Switch has a virtual Interface called the SVI
Interface or more commonly known as VLAN Interface. This virtual Interface is
NIC for a Switch and you need to configure minimum IP, Subnet Mask to access
the switch from your workstation in the same LAN.
As we already discussed, VLAN 1 is already configured on the
switch by default and we need to configure the IP address to VLAN 1 interface.
Switch# config t
Switch(config)#interface
vlan 1
Switch(config-if)#ip
address 192.168.1.1 255.255.255.0
Switch(config-if)#no
shutdown
Switch(config-if)#end
Switch# wr
A layer 2 switch needs an IP address that you can use to
access the switch. This IP address can be configured on any VLAN interface. Yes,
there can be multiple VLANs in a switch for security or segmentation purposes. By
default, VLAN 1 is available, we have used the same for management. However,
for security reasons and other internal communications, it is recommended not
to use VLAN 1 for switch management.
As all the physical interfaces on a switch are in VLAN 1, VLAN
1 SVI interface comes up automatically and you can SSH or Telnet a switch with
an IP address configured on VLAN 1. Sometimes, when you configure another VLAN
for management, let’s say VLAN 10. You need to make sure at least one physical
interface on the switch is assigned to VLAN 10. Else, the SVI interface for VLAN
10 will not come up and you will not be able to access the switch using the IP configured
on SVI VLAN 10.
You are good with your Local network limited to a single site/room/area
where the hosts are connected to the same switch directly using Ethernet
connections. To communicate with other
hosts as they are in the same VLAN 1. In a layer 2 switch scenario, if you want
to send traffic to the internet, or some other network – you need the same “default
gateway” IP address that we configure on a PC or Laptop. It has the same
function in the L2 switching environment.
The default Gateway is generally a Broadband modem at home or
a router in an Enterprise network. Its role is to connect multiple networks together
and make communication possible between different networks. The command to
configure the default gateway in the switch is –
Switch(config)#ip
default-gateway 192.168.1.254
Other commands to help you
There is a lot that happens in a switch when it is UP and forwarding
traffic in a network. All that is events or messages that log into the memory.
But when you are connected to a switch using a console cable these messages keep
flashing on the screen. Sometimes it is frustrating as these messages may appear
anytime I mean when you type a command or execute a command and observe the
output.
You can disable this feature by using the no logging console command and revert to the original
setting using the logging console
command. There is another command logging synchronous
to tell the system to synchronize these unsolicited messages with show command
output.
Console connections are automatically terminated after 5 minutes
if you don’t do anything in this session. The exec-timeout command tells the device
to increase or decrease the inactivity time in the console session.
Switch(config-line)#exec-timeout
10
The above command tells the switch to disconnect the session
after 10 minutes if the administrator doesn’t perform any action. The value of “0”
tells the switch never time out the console session.
Switch(config-line)#exec-timeout
0 0
And finally, a command that saves your time when you mistype
any command. You can execute a command when the command prompt is available to
take command.
! Command prompt to take commands
Hostname#
When you mistype a command, the switch thinks it is a domain name that you want to resolve, and it waits for domain responses to come before you can type the correct command. It is sometimes very frustrating. You can use a no ip domain-lookup command to disable name resolution to IP address. I hope you find this informative!
- CCNA RnS Article #20: Configure IP to Manage Switch
- CCNA RnS Article #19: Configuring Secure Shell (SSH)!
- CCNA RnS Article #18: Secure Switch Management Plane!
- CCNA RnS #17: Switching Process
- CCNA RnS #16: Campus vs Data Center Network
- CCNA RnS #15: Memory Types - The Network DNA
- CCNA RnS #14 - CLI Introduction! - The Network DNA
- CCNA RnS #13: CSMA/CD - The Network DNA
- CCNA RnS #12 : Ethernet Frame Type & FCS Field!
- CCNA RnS #11: Ethernet/MAC Addressing - The Network DNA
