Set initial configuration in Cisco devices

Intro

In this section learn how to set initial configuration in Cisco devices. You can also follow the video of this section on my channel on YouTube.

We have 3 modes in Cisco devices, namely:

Modes

Symbols

command

User mode

switch>

Privilege mode

switch#

enter enable in user mode

Global mode

switch(config)#

enter config terminal or conf t to enter this mode

In privilege mode, you can run show commands, while in global mode you can change configuration of switch.

1-1 Setting hostname
sw# conf t
sw(config)# hostname Cisco
1-2 Setting password for line console

Console to PC
Enter a caption for this image (optional)
sw# conf t
sw(config)# line console 0
sw(config)# password CISCO
sw(config)# login

In line 4, if you forget to write login, switch will not ask any password. So, you have to write it, to enable password in line console 0.

1-3 Setting password for line vty

vty lines are using for users to connect via SSH, Telnet. In other words, to enable SSH or Telnet, you have to use these lines. By default, Cisco breaks up vty lines into two segments:

  • vty 0 – 4 (older devices)

  • vty 5- 15

sw# conf t
sw(config)# line vty 0 15
sw(config)# password CISCO
sw(config)# login

New devices have more than 15 vty. Usually system administrator define 5 vty in devices.

1-4 Setting password for the privilege mode

we have two options for setting password for the privilege mode:

  • password which is in clear mode

  • secret which is encryption mode

sw# conf t
sw(config)# enable password CISCO

or

sw# conf t
sw(config)# enable sercret CISCO
1-5 Encrypt your Cisco device

if you use password instead of secret with # show running-config command you can see the clear password. To encrypt the password use this command:

sw# conf t
sw(config)# service password-encryption

now if you look at running-config , everything has become encrypted.

encrypted password
Enter a caption for this image (optional)
1-6 Setting IP address for default vlan

by default, all Cisco devices have vlan 1, so in other section will know how to make a vlan. In this code, we set IP address 192.168.1.1 with subnet mask 255.255.255.0. Then, we use command no shutdown to enable interface.

sw# conf t
sw(config)# int vlan 1
sw(config-if)# ip address 192.168.1.1 255.255.255.0
sw(config-if)#no shutdown

Cisco recommends all use any vlan number except vlan 1.

1-7 Setting default gateway

if you have router and you want to access your Cisco switch to router for the Internet, you have to set default gateway.

sw# conf t
sw(config)# ip default-gateway 192.168.1.254
1-8 Shutdown ports

you can shutdown ports for the range of ports. For example, range of 1 to 4 is shutdown by shutdown command.

sw# conf t
sw(config)# int range fa0/1-4
sw(config)# shutdown

use no shutdown or no shut to enable ports

1-9 Setting banner

you can set a banner for a switch with motd command. After motd you have to use kind of character and it can be * + | or anything. The important matter is that both character should be the same as the code it is shown

sw# conf t
sw(config)# banner motd +
******************************************
cisco 3850 by HRT
​******************************************
+

Enter a caption for this image (optional)

1-10 Prevent mistype

Enter a caption for this image (optional)

Mistype translating domain server

In Cisco devices, if you enter a some command wrong, by default try to map it to domain name and it takes 30 sec to do that. To prevent mistype, we use this command:

sw# conf t
sw(config)# no ip domain-lookup
1-11 Setting timeout

if you are working with Cisco command line, you can set session timeout with these command. In these examples, we set timeout to 10 seconds.

vty line:

sw# conf t
sw(config)# line vty 0 5
sw(config)# exec-timeout 0 10

line console:

sw# conf t
sw(config)# line cosole 0
sw(config)# exec-timeout 0 10
1-12 save configuration

to save your configuration you can run these two commands:

sw# copy running-config startup-config

or

sw# write

 

/by