To access the switch remotely, you must configure an IP address and a subnet mask on the switch virtual interface (SVI). To configure an SVI on a switch, use the interface vlan 1 global configuration command. VLAN 1 is not an actual physical interface but a virtual one. Next, assign an IPv4 address using the ip address ip-address subnet-mask interface configuration command. Finally, enable the virtual interface using the no shutdown interface configuration command.
After the switch is configured with these commands, as shown in Example 19-2, the switch has all the IPv4 elements ready for communication over the network.
Example 19-2 SVI Configuration
Sw-Floor-1#
configure terminal
Sw-Floor-1(config)#
interface vlan 1
Sw-Floor-1(config-if)#
ip address 192.168.1.20 255.255.255.0
Sw-Floor-1(config-if)#
no shutdown
Sw-Floor-1(config-if)#
exit
Sw-Floor-1(config)#
ip default-gateway 192.168.1.1
Note
Similar to Windows hosts, switches configured with an IPv4 address typically also need to have a default gateway assigned. This can be done using the ip default-gateway ip-address global configuration command. The ip-address parameter would be the IPv4 address of the local router on the network, as shown in Example 19-2. However, in this section, you configure a network only with switches and hosts. Routers will be configured later.
Syntax Checker—Configure a Switch Virtual Interface (19.1.3)
Refer to the online course to complete this activity.
Packet Tracer—Implement Basic Connectivity (19.1.4)
In this activity, you will first perform basic switch configurations. Then you will implement basic connectivity by configuring IP addressing on switches and PCs. When the IP addressing configuration is complete, you will use various show commands to verify configurations and use the ping command to verify basic connectivity between devices.
Configure Initial Router Settings (19.2)
The basic router configuration is similar to that of a switch. However, the function and interfaces on a router are different, and therefore, some differences exist.
Basic Router Configuration Steps (19.2.1)
The following tasks should be completed when configuring initial settings on a router:
Step 1. Configure the device name.
Router(config)#
hostname
hostname
Step 2. Secure privileged EXEC mode.
Router(config)#
enable secret
password
Step 3. Secure user EXEC mode.
Router(config)#
line console 0
Router(config-line)#
password
password
Router(config-line)#
login
Step 4. Secure remote Telnet/SSH access.
Router(config-line)#
line vty 0 4
Router(config-line)#
password
password
Router(config-line)#
login
Router(config-line)#
transport input {ssh | telnet | none | all}
Step 5. Secure all passwords in the config file.
Router(config-line)#
exit
Router(config)#
service password-encryption
Step 6. Provide legal notification.
Router(config)#
banner motd
delimiter message delimiter
Step 7. Save the configuration.
Router(config)#
copy running-config startup-config
Basic Router Configuration Example (19.2.2)
In Example 19-3, router R1 is configured with initial settings. To configure the device name for R1, use the commands shown in this example.
Example 19-3 Device Name Configuration
Router>
enable
Router#
configure terminal
Enter configuration commands, one per line.
End with CNTL/Z.
Router(config)#
hostname R1
R1(config)#
Note
The router prompt now displays the router host name.
All router access should be secured. Privileged EXEC mode provides users with complete access to the device and its configuration, so you must secure it.
The commands in Example 19-4, secure privileged EXEC mode and user EXEC mode, enable Telnet and SSH remote access, and encrypt all plaintext (that is, user EXEC and vty line) passwords. It is very important to use a strong password when securing privileged EXEC mode because this mode allows access to the configuration of the device.