_________________________________________________________________

Build, configure, and simulate switch

TITLE : setting in network topology.

Lab Number : 05

NAME : ___________________

REG NO : ___________________

Comp Network Lab Page 1

_________________________________________________________________

LAB PERFORMANCE & REPORT EVALUATION RUBRIC

LAB 05

Psychomotor Skill Level: P4

Category Excellent (90-100) Good (70-90) Satisfactory (50- Unsatisfactory

% % 70) % (0-50) %

Simulation All tasks correctly Some tasks Inaccuracies in Most tasks

Results performed. incorrect. many tasks. performed
(5) incorrectly.

Lab Report Professionally Report with Report with some Unprofessionally

(5) Written report with some greater report with
accurate results and inaccuracies in inaccuracies in incorrect results
conclusions. All result and result and and conclusions.
tasks included conclusion. conclusions. Many Most tasks
Some tasks tasks missing. missing.
missing.

Comp Network Lab Page 2

_________________________________________________________________

Objectives:
Part 1: Verify the Default Switch Configuration
Part 2: Configure a Basic Switch Configuration
Part 3: Save Configuration Files to NVRAM
Part 4: Configure S2
Part 5: Assign IP to switch vlan’s.

Background
In this activity, you will perform basic switch configurations. You will secure
access to the command-line interface (CLI) and console ports using encrypted
and plain text passwords. You will also learn how to configure messages for users
logging into the switch. These banners are also used to warn unauthorized users
that access is prohibited.

Physical connection:
Establish a virtual connection between Switches and PC’s in Packet tracer
software using Cross copper cable between switches and straight copper cable
b/w pc and switch. Or you can also use automatically chosen connection type
cable.

 Part 1: Verify the Default Switch Configuration

Step 1: Enter privileged mode.
You can access all switch commands from privileged mode. However, because
many of the privileged commands configure operating parameters, privileged
access should be password-protected to prevent unauthorized use.

The privileged EXEC command set includes those command s contained in user
EXEC mode, as well as the configure command through which access to the
remaining command modes are gained.

Comp Network Lab Page 3

_________________________________________________________________

a. Click S1 and then the CLI tab. Press <Enter>.

b. Enter privileged E XEC mode by entering the enable command:
Switch>enable
Switch#
Notice that the prompt changed in the configuration to reflect privileged EX EC
mode.

Step 2: Examine the current switch configuration.

a. Enter the show running-config command.
Switch# show running-config
b. Answer the following questions:
How many Fast Ethernet interfaces does the switch have?
Which command will display the current contents of non-volatile random-
access memory (NVRAM)? Why does the switch respond with startup-config
is not present?

 Part 2: Create a Basic Switch Configuration

Step 1: Assign a name to a switch.
To configure parameters on a switch, you may be required to move between various
configuration modes. Notice how the prompt changes as you navigate through the
switch.
Switch# configure terminal
Switch(config)#hostname S1
S1(config)# exit
S1#

Step 2: Secure access to the console line.

To secure access to the console line, access config-line mode and set the console
password to letmein.
S1# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
S1(config)# line console 0
S1(config-line)#
password letmein
S1(config-line)# login
S1(config-line)# exit
S1(config)# exit
%SYS-5-CONFIG_I: Configured from console by console.
S1#
Why is the login command required?

Step 3: Verify that console access is secured.

Exit privileged mode to verify that the console port password is in effect.
S1# exit
Switch con0 is now available

Comp Network Lab Page 4

_________________________________________________________________

Press RETURN to get started.

User Access Verification
Password:
S1>
Note: If the switch did not prompt you for a password, then you did not configure
the login parameter in Step 2.

Step 4: Secure privileged mode access.

Set the enable password to c1$c0. This password protects access to privileged
mode.
Note: The 0 in c1$c0 is a zero, not a capital O. This password will not grade as
correct until after you encrypt it in Step 8.
S1> enable
S1#configure terminal
S1(config)# enable password c1$co
S1(config)# exit
%SYS-5-CONFIG_I: Configured from console by console.
S1#

Step 5: Verify that privileged mode access is secure.

a. Enter the exit command again to log out of the switch.
b. Press <Enter> and you will now be asked for a password:
User Access Verification
Password:
c. The first password is the console password you configured for line con 0. Enter
this password to return to user EXEC mode.
d. Enter the command to access privileged mode.
e. Enter the second password you configured to protect privileged EXEC mode.
f. Verify your configurations by examining the contents of the running-
configuration file:
S1# show running-configuration
Notice how the console and enable passwords are both in plain text. This
could pose a security risk if someone is looking over your shoulder.

Step 6: Configure an encrypted password to secure access to privileged mode.

The enable password should be replaced with the newer encrypted secret
password using the enable secret command. Set the enable secret password
to itsasecret.
S1# config t
S1(config)# enable secret itsasecret
S1(config)#exit
S1#

Note: The enable secret password overrides the enable password. If both are
configured on the switch, you must enter the enable secret password to enter
privileged EXEC mode.

Step 7: Verify that the enable secret password is added to the configuration file.

Comp Network Lab Page 5

_________________________________________________________________

a. Enter the show running-configuration command again to verify the new

enable secret password is configured.
Note: You can abbreviate show running-configuration as
S1# show run
b. What is displayed for the enable secret password?
c. Why is the enable secret password displayed differently from what we
configured?

Step 8: Encrypt the enable and console passwords.

As you noticed in Step passwords were still in password-encryption
, the enable secret password was encrypted, but the enable and console plain text. We
will now encrypt these plain text passwords using the service command.

S1# config t
S1(config)# service password-encryption
S1(config)# exit

If you configure any more passwords on the switch, will they be displayed in the
configuration file as plain text or in encrypted form? Explain why?

 Part 3: Save Configuration Files to NVRAM

Step 1: Verify that the configuration is accurate using the show run command.

Step 2: Save the configuration file.

You have completed the basic configuration of the switch. Now back up the
running configuration file to NVRAM to ensure that the changes made are not lost
if the system is rebooted or loses power.
S1# copy running-config startup-config
Destination filename [startup-config]?
[Enter] Building configuration...
[OK]
What is the shortest, abbreviated version of the copy running-config startup-
config command?

Step 3: Examine the startup configuration file.

Which command will display the contents of NVRAM?
Are all the changes that were entered recorded in the file?

 Part 4: Configure S2
You have completed the configuration on S1. You will now configure S2. If you
cannot remember the commands, refer to Parts 1 to 4 for assistance.

Configure S2 with the following parameters:

a. Name device: S2

Comp Network Lab Page 6

_________________________________________________________________

b. Protect access to the console using the letmein password.

c. Configure an enable password of c1$c0 and an enable secret password of
itsasecret.
d. Configure a message to those logging into the switch with the following
message:
“Authorized access only. Unauthorized access is prohibited, and violators
will be prosecuted to the full extent of the law.”
e. Encrypt all plain text passwords.
f. Ensure that the configuration is correct.
g. Save the configuration file to avoid loss if the switch is powered down.

 Part 5: Switch Configuration:

a. Go to switch global configuration mode
b. Access vlan interface by using command interface vlan1/2
c. Assign ip address to selected vlan using the following command.
Ip address 192.168.1.1 255.255.255.0
d. Now turn on that vlan using no shutdown command.
e. Similarly assign ip address to other switch and ensure the transfer of packet
between two PC’s.

Comp Network Lab Page 7