Module 2: Basic Switch and End Device Configuration

IPv6 Addresses - Explained

- 128 bits in length and written as a string of hexadecimal values - Every four bits is represented by a single hexadecimal digit; for a total of 32 hexadecimal values - Groups of four hexadecimal digits are separated by a colon

Privileged EXEC Mode

- Allows access to all commands and features - Identified by the CLI prompt that ends with the # symbol

User EXEC Mode

- Allows access to only a limited number of basic monitoring commands - Identified by the CLI prompt that ends with the > symbol

VTY Lines

- Enable remote access using Telnet or SSH to the device. - Many Cisco switches support up to 16 VTY lines that are numbered 0 to 15

Securing Privileged EXEC mode access

- First enter global configuration mode - Next, use the enable secret password command

There are Several Terminal Emulation Programs

- PuTTY - Tera Term - SecureCRT

Alter the Running Configurations - Restore: Not Saved

- Remove the changed commands individually - Reload the device using the reload command in privilege EXEC mode: device briefly goes offline = network downtime.

Guideline for naming devices

- Start with a letter - Contain no spaces - End with a letter or digit - Use only letters, digits, and dashes - Be less than 64 characters in length

Configuration Files - Two System Files that Store the Device Configuration

- Startup-config - Running-config

Configuration Files - Running-Config

- This is stored in Random Access Memory (RAM) - It reflects the current configuration. - Modifying a running configuration affects the operation of a Cisco device immediately - RAM is volatile memory - It loses all of its content when the device is powered off or restarted

Configuration Files - Startup-Config

- This is the saved configuration file that is stored in NVRAM - It contains all the commands that will be used by the device upon startup or reboot - Flash does no lose its contents when the device is powered off

Types of Network Media

- Twisted-pair copper cables - Fiber-optic cables - Coaxial cables - Wireless

CLI-based Network Technician to do the Following:

- Use a keyboard to run CLI-based network programs - Use a keyboard to enter text and text-based commands - View output on a monitor

PC Operating System Enables a User to do the Following:

- Use a mouse to make selections and run programs - Enter text and text-based commands

Primary Command Modes

- User EXEC Mode - Privileged EXEC Mode

GUI Examples

- Windows - macOS - Linux KDE - Apple iOS - Android

IPv4 Subnet Mask

A 32-bit value that differentiates the network portion of the address from the host portion.

Banner Messages

A banner message is important to warn unauthorized personnel from attempting to access the device

Device Names - Default

All devices are assigned a factory default name - For example, a Cisco IOS switch is "Switch"

Password Guidelines - Limit Administrative Access

All networking devices should limit administrative access by securing privileged EXEC, user EXEC, and remote Telnet access with passwords.

Password Guidelines - Encryption

All passwords should be encrypted and legal notifications provided

Hot Keys and Shortcuts - Ctrl-Shift-6

All-purpose break sequences used to abort DNS lookups, traceroutes, pings, etc

Password Guidelines - Avoid

Avoid using the same password for all devices

IOS Command Syntax Check - [x {y | z}]

Braces and vertical lines within square brackets indicate a required choice within an optional element. Spaces are used to clearly delineate parts of the command.

IOS Command Syntax Check - {x}

Braces indicate a required element (keyword or argument)

The Structure of an IPv4 address

Called doted decimal notation and is represented by four decimal numbers between 0 and 255

Commands and Keywords Shortened

Can be shortened to the minimum number of characters that identify a unique selection.

CLI

Command Line Interface

Kernel

Communicates between the hardware and software of a computer and manages how hardware resources are used to meet software requirements

Hot Keys and Shortcuts - Tab

Completes a partial command name entry

Capture Configuration to a Text File

Configuration files can also be saved and archived to a text document

Capture Configuration to a Text File - Step 4

Disable logging in the terminal software

"--More--" Prompt Hot Keys and Shortcuts - Enter Key

Displays the next line

"--More--" Prompt Hot Keys and Shortcuts - Space Bar

Displays the next screen

Differences Between Various Types of Media - Distance

Distance the media can successfully carry a signal

Password Guidelines - Common Words

Do not use common words because they are easily guessed

Capture Configuration to a Text File - Step 2

Enable logging in to the terminal software and assign a name and file location to save the log file

Securing User EXEC Mode Access - Third

Enable user EXEC access using the login command

Context-Sensitive Help

Enables you to quickly find answers to these questions: - Which commands are available in each command mode? - Which commands start with specific characters or group of characters? - Which arguments and keywords are available to particular commands?

Network Communications Depend On

End user device interfaces, networking device interfaces, and the cables that connect them

"--More--" Prompt Hot Key Commands - Any Other Key

Ends the display string, returning to privileged EXEC mode

Securing User EXEC Mode Access - First

Enter line console configuration mode using the line console 0 command in global configuration mode

Hot Keys and Shortcuts - Backspace

Erases the character to the left of the cursor

Secure Shell (SSH)

Establishes a secure remote CLI connection to a device, through a virtual interface, over a network. - Note: This is the recommended method for remotely connecting to a device

Telnet

Establishes an insecure remote CLI connection to a device over the network - Note: User authentication, passwords and commands are sent over the network in plaintext

Capture Configuration to a Text File - Step 3

Execute the show running-config or show startup-config command at the privileged EXEC prompt. - Text displayed in the terminal window will be placed into the chosen file

GUIs Can

Fail, crash, or simply not operate as specified. For these reasons, network devices are typically accessed through a CLI

Securing VTY Line Access - Third

Finally, enable VTY access using the login command

Securing VTY Line Access - First

First enter line VTY configuration mode using the line vty 0 15 command in global configuration mode

GUI

Graphical User Interface

IPv6 Addresses - Case-Sensitivity

IPv6 addresses are not case-sensitive and can be written in either lowercase or uppercase

Command Syntax - Italics

Indicates arguments for which you supply values

IOS Command Syntax - Boldface

Indicates commands and keywords that you enter literally as shown

Hot Keys and Shortcuts - Left Arrow or Ctrl+B

Moves the cursor one character to the left

Hot Keys and Shortcuts - Right Arrow or Ctrl+F

Moves the cursor one character to the right

Sub-Configuration Modes - Move out

Of any sub-configuration mode, use the exit command. - To return to privilege EXEC mode, use the end command or key combination Ctrl +z

Capture Configuration to a Text File - Step 1

Open terminal emulation software, such as PuTTY or Tera Term, that is already connected to a switch

Hot Keys and Shortcuts - Up Arrow or Ctrl+P

Recalls the commands in the history buffer, beginning with the most recent commands

Securing VTY Line Access - Second

Specify the VTY password using the password password conmmand

Securing User EXEC Mode Access - Second

Specify the user EXEC mode password using the password password command

Command Syntax Check - [x]

Square brackets indicate an option element (keyword or argument)

Banner Messages - Delimiting Character

The "#" in the command syntax is called the delimiting character. It is entered before and after the message

Hot Keys and Shortcuts

The IOS CLI provides hot keys and shortcuts that make configuring, monitoring, and troubleshooting easier

IOS Help Features

The IOS has two forms of help available: - Context-sensitive help - Command syntax check

When a Command Output Produces more Text than can be Displayed in a Terminal Window

The IOS will display a "--More--" prompt

Default Gateway Address

The IP address of the router that the host will use to access remote networks, including the internet

Banner Messages - Display

The banner will be displayed on attempts to access the device

Commands and Keywords Shortened - Example

The configure command can be shortened to conf because configure is the only command that begins with conf

Device Names

The first configuration command on any device should be to give it a unique hostname

Command Syntax Provides

The pattern, or format, that must be used when entering a command

Hardware

The physical part of a computer including underlying electrons

The Use of IP Addresses

The primary means of enabling devices to locate one another and establish end-to-end communication on the internet

Encrypt Passwords - Startup-Config and Running-Config

The startup-config and running-config files display most passwords in plaintext

IPv4 Subnet Mask - Coupled with the IPv4 Address

The subnet mask determines to which subnet the device is a member

Password Guidelines - Security Concern

The use of weak or easily guessed passwords

Shell

The user interface that allows users to request specific tasks from the computer. These requests can be made either through the CLI or GUI interfaces

Command - ping and traceroute

The user-defined argument is the ip-address of the destination device

Basic IOS Command Structure - Keyword

This is a specific parameter defined in the operating system

Basic IOS Command Structure - Argument

This is not predefined; it is a value or variable defined by the user

Banner Messages - Creation

To create a banner message of the day on a network device, use the banner motd # the message of the day # global config command

Encrypt Passwords - Encryption

To encrypt all plaintext passwords, use the service password-encryption global config command

Sub-Configuration Modes - Move to Another

To move directly from one sub-configuration mode to another, type in the desired sub-configuration mode command.

Navigation Between IOS Modes - Privileged EXEC Mode

To move from user EXEC mode to privilege EXEC mode, use the enabled command

Navigation Between IOS Modes - Global Configuration Mode

To move in and out of global configuration mode, use the configure terminal command. To return to privilege EXEC mode, use the exit command.

Navigation Between IOS Modes - Line Configuration Mode

To move in and out of line configuration mode, use the line command followed by the management line type. To return to global configuration mode, use the exit command

Configuration Files - Save Changes

To save changes made to the running configuration to the startup configuration file, use the copy running-config startup-config privileged EXEC mode command

Password Guidelines - Characters

Use a combination of upper and lowercase letters, numbers, special characters, and/or numeric sequences

Password Guidelines - Length

Use passwords that are more than eight characters in length

Alter the Startup Configuration - Restore: Saved

Use the erase startup-config command in privilege EXEC mode - Reload the device to clear he running-config from RAM

To Return the Switch to the Default Prompt

Use the no hostname global config command

Encrypt Passwords - Verify

Use the show running-config command to verify that the passwords on the device are now encrypted

Global Configuration Mode

Used to access configuration options on the device

Interface Configuration Mode

Used to configure a switch port or router interface

Line Configuration Mode

Used to configure console, SSH, Telnet or AUX access

Terminal Emulation Programs

Used to connect to a network device by either a console port or by an SSH/Telnet connection

The GUI Allows

User to interact with the system using an environment of graphical icons, means, and windows

A GUI is More

User-friendly and requires less knowledge of the underlying command structure that contacts the system

Command Syntax Check

Verifies that a valid command was entered by the user: - If the interpreter cannot understand the command being entered, it will provide feedback describing what is wrong with the command

Hot Key and Shortcuts - Ctrl-C

When in any configuration mode, ends the configuration mode and returns to privileged EXEC mode

Hot Key and Shortcuts - Ctrl-Z

When in any configuration mode, ends the configuration mode and returns to privileged EXEC mode