Getting a router or a switch up and running might seem intimidating at first, but once you know the commands and their purpose, it’s pretty straightforward. Let’s go through a detailed basic configuration, explaining each step clearly.
1. Accessing the Router
Privileged Mode
To start configuring a router, you need to enter privileged mode:
This gives you access to commands that can change the device configuration.
Global Configuration Mode
Once in privileged mode, enter global configuration mode to make changes to the router:
1
| Router# configure terminal
|
Now you can configure interfaces, passwords, hostnames, and more.
Saving the Configuration
After making changes, save the running configuration to avoid losing it after a reboot:
1
| Router# copy running-config startup-config
|
running-config = current settings in RAMstartup-config = saved settings in NVRAM
Check the saved configuration with:
1
| Router# show startup-config
|
2. Setting the Hostname
Set a meaningful name for your router to identify it on the network:
1
| Router(config)# hostname Router1
|
3. Configuring Passwords
Enable Password (Unencrypted)
1
| Router(config)# enable password cisco1234
|
Enable Secret (Encrypted)
1
| Router(config)# enable secret cisco1234
|
Encrypt All Passwords
1
| Router(config)# service password-encryption
|
4. Banner Message
Set a login banner to warn unauthorized users:
1
| Router(config)# banner motd # Authorized Access Only #
|
5. Disabling DNS Lookup
To prevent the router from trying to resolve mistyped commands as domain names:
1
| Router(config)# no ip domain-lookup
|
6. Configuring Console and VTY Access
Console Access
1
2
3
4
| Router(config)# line console 0
Router(config-line)# password cisco1234
Router(config-line)# login
Router(config-line)# logging synchronous
|
logging synchronous prevents console messages from messing up your typing.
VTY (Telnet/SSH) Access
1
2
3
| Router(config)# line vty 0 4
Router(config-line)# password cisco1234
Router(config-line)# login
|
7. Configuring Interfaces
Basic IP Configuration
1
2
3
4
| Router(config)# interface [type] [port]
Router(config-if)# ip address [IP address] [subnet mask]
Router(config-if)# no shutdown
Router(config-if)# exit
|
show ip interface to verify IP assignment and interface status.
Example:
1
2
3
4
| Router(config)# interface gigabitEthernet 0/0
Router(config-if)# ip address 192.168.1.1 255.255.255.0
Router(config-if)# no shutdown
Router(config-if)# exit
|
8. Switch MAC Address Configuration
Display MAC Table
1
| Switch# show mac address-table
|
Static MAC Assignment
1
| Switch(config)# mac address-table static [MAC] vlan [VLAN] interface [port]
|
Example:
1
| Switch(config)# mac address-table static 00:1A:2B:3C:4D:5E vlan 1 interface f2/1
|
9. Switch Port Security
Enable Port Security
1
| Switch(config-if)# switchport port-security
|
Limit Maximum MAC Addresses
1
| Switch(config-if)# switchport port-security maximum [n]
|
Sticky MAC Address
1
| Switch(config-if)# switchport port-security mac-address sticky [MAC]
|
Security Violation Action
1
| Switch(config-if)# switchport port-security violation shutdown
|
This ensures that unauthorized devices cannot connect to the switch port.
10. Verifying Configuration
Use these commands to check your work:
- Check interfaces and IPs:
1
| Router# show ip interface brief
|
- Check running configuration:
1
| Router# show running-config
|
- Check switch MAC addresses:
1
| Switch# show mac address-table
|
This covers all the essential commands for basic router and switch setup, with explanations so you understand not just what to type, but why it matters.
