Cisco Switch Setup

Initial configuration and management

Initial Console Access

Connection Settings

  • Baud rate: 9600
  • Data bits: 8
  • Parity: None
  • Stop bits: 1
  • Flow control: None

First Boot

! Skip initial configuration dialog
Would you like to enter the initial configuration dialog? [yes/no]: no

! Enter privileged exec mode
Switch> enable

! Enter global configuration
Switch# configure terminal

Basic Configuration

Essential Settings

! Set hostname
hostname SW-CORE-01

! Set domain name
ip domain-name example.local

! Create management VLAN
vlan 10
 name Management

! Configure management interface
interface vlan 10
 ip address 10.10.10.2 255.255.255.0
 no shutdown

! Set default gateway
ip default-gateway 10.10.10.1

! Generate SSH keys
crypto key generate rsa modulus 2048

! Create admin user
username admin privilege 15 secret YourSecurePassword

! Enable SSH access
line vty 0 15
 transport input ssh
 login local

! Disable HTTP server
no ip http server
no ip http secure-server

Save Configuration

! Save running config to startup
copy running-config startup-config
! or shorthand
write memory

Port Configuration

Access Port (End Device)

interface GigabitEthernet0/1
 description User Workstation
 switchport mode access
 switchport access vlan 30
 spanning-tree portfast
 spanning-tree bpduguard enable

Trunk Port (Switch-to-Switch)

interface GigabitEthernet0/24
 description Uplink to Core
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport trunk allowed vlan 10,20,30,40
 switchport trunk native vlan 999

Range Configuration

! Configure multiple ports at once
interface range GigabitEthernet0/1-20
 switchport mode access
 switchport access vlan 30
 spanning-tree portfast

Security Hardening

Port Security

interface GigabitEthernet0/1
 switchport port-security
 switchport port-security maximum 2
 switchport port-security violation restrict
 switchport port-security mac-address sticky

Unused Ports

! Disable unused ports
interface range GigabitEthernet0/21-23
 shutdown
 switchport access vlan 999
 description UNUSED

Verification Commands

show running-config
show vlan brief
show interfaces status
show interfaces trunk
show ip interface brief
show mac address-table
show spanning-tree
show port-security