Nov 23, 2024
HEP 456 Module 6 Section 14 Communication and Dissemination of The Findings Arizona State University
HEP 456 Module 6 Section 14 Communication and Dissemination of The Findings HEP 456: Health Promotion Program ā¦
Introduction
Assignment
Gain skills required for the practical portion of the CCENT certification:
To console into the routers and switches mentioned in the lab steps, click on the device tab on the left hand side of the web page. If you receive a blank screen simply click in the window and press the return/enter key to liven up the console port of the device.
Conditions
The devices in the diagram below are the routers and switches that you have control over. In some labs there will be devices that simulate service provider infrastructure, you will be notified of these if applicable. All of the devices that you access in the labs are real Cisco routers and switches. Nothing is simulated.
Diagram
Task Index
ā¢ Task 1 - Performing Switch Startup and Initial Configuration ā
Task 1 - Performing Switch Startup and Initial Configuration
Step 1: Console into NYCORE1. Enter the enable command to access privileged exec mode.
Action:
NYCORE1>enable
NYCORE1#
Explanation:
You should see the prompt change from NYCORE1> (user mode) to NYCORE1# to indicate that you are in privileged exec mode. From privileged exec, you can enter any available show or debug command and you have the ability access global configuration mode, as well.
Step 2: Erase the startup configuration on NYCORE1 and reload the device.
Action:
NYCORE1#erase startup-config
Erasing the nvram filesystem will remove all configuration files!
Continue? [confirm] (PRESS ENTER)
NYCORE1#reload
System Configuration has been modified. Save? [Yes/no]: (TYPE no)
Proceed with reload? [confirm] (PRESS ENTER)
Result:
The startup-config is the saved configuration in NVRAM that is loaded when the switch boots up. By erasing it and entering the reload command, you will be able to configure the switch from scratch.
Explanation:
RAM is where your running configuration is stored. RAM is volatile, meaning that everything found in it is flushed when the device is rebooted. NVRAM is Non-Volatile RAM. The contents remain intact when the device is reloaded. Because of this, any time a configuration is saved, it is copied from RAM to
NVRAM.
Step 3: After the NYCORE1 reloads, press Enter. When prompted to enter the configuration dialog, answer yes.
Action:
Would you like to enter the initial configuration dialog? [yes/no]: yes
Explanation:
The initial configuration dialog contains a series of questions. Based on the answers, the switch creates a basic configuration. Cisco engineers typically do not use this dialog. If someone unfamiliar with a Cisco switch needed help, they could use the dialog to provide the switch with enough information to allow network connectivity. From that point, an engineer could take over remotely and finish the configuration. In this lab, you will step through the configuration dialog so that you are familiar with using it to create a bare bones configuration. In later labs, you will configure the switch directly using IOS commands.
Step 4: On NYCORE1, answer yes to entering basic management setup.
Action:
Would you like to enter basic management setup? [yes/no]: yes
Explanation:
The setup is almost identical for basic and extended except for the number of interfaces configured. With basic, only one interface is configured and the rest are left in their default state, active. Since we want to configure only one interface, going with the basic setup is the better choice.
Step 5: Change the hostname to: NYCORE1
Action:
Enter host name [Switch]: NYCORE1
Explanation:
By default, the hostname on a Cisco switch is Switch.
Step 6: On NYCORE1, answer cisco when asked for the enable secret password.
Action:
Enter enable secret: cisco
Result:
Be especially careful here not to mistype or add an extra space after cisco. Also, although you could change the password to something other than cisco, you may run into unnecessary problems in later labs that are assuming that your password matches what is listed here.
Explanation:
The enable secret password provides security for privileged exec mode. When it is configured, a user cannot get beyond user mode unless they enter the password. If you only have access to user mode, you cannot make configuration changes or enter debug commands.
Step 7: On NYCORE1, answer cisco1 when asked for the enable password.
Action:
Enter enable password: cisco1
Explanation:
The enable password has the same job as the enable secret password: to provide security for privileged exec mode. If both are configured, only the enable secret password is used.
Step 8: Enter cisco when asked for a virtual terminal password for NYCORE1.
Action:
Enter virtual terminal password: cisco
Explanation:
The virtual terminal (VTY) password is used to authenticate users that attempt to telnet into the switch. Telnet allows you to access the switch remotely.
Step 9: Answer no when asked to configure SNMP Network Management.
Action:
Configure SNMP Network Management? [no]: no
Explanation:
The word no is by itself in brackets. This indicates it is the default answer. You could press the ENTER key here instead of typing the answer.
Step 10: A summary of the interfaces found on the switch will be shown next. Press the space bar to page down through all of the interfaces until you reach the end of the list.
Action:
Current interface summary (PRESS SPACEBAR UNTIL YOU SEE THE MANAGEMENT INTERFACE)
Explanation:
If you look at the last two columns of output, the interfaces will either be in an up/up state, an administratively down/down state, or a down/down state. Up/up means that the physical and data link layers are alive and well. Down/down, on a switch, typically means that nothing is plugged into that interface. Administratively down/down, means that the interface has been disabled. By default, the VLAN 1 interface is disabled. This interface is virtual, or in other words, fake. If you examined this switch, you would not find a physical port labelled VLAN 1. It is a logical interface that can be assigned an IP address. The IP address makes it possible to access the switch remotely through telnet.
Step 11: On NYCORE1, when asked for an interface name for connecting to the management network, enter VLAN1.
Action:
Enter interface name used to connect to the management network from the above interface summary: vlan1
Explanation:
VLAN 1 is the default management interface.
Step 12: Answer yes when asked to configure IP on this interface.
Action:
Configure IP on this interface? [no]: yes
Step 13: On NYCORE1, when prompted for an IP address, enter 10.1.1.2
Action:
IP address for this interface: 10.1.1.2
Step 14: Enter 255.255.255.0 when prompted for a subnet mask on NYCORE1.
Action:
Subnet mask for this interface [255.0.0.0]: 255.255.255.0
Step 15: On NYCORE1, answer no to the Enable as a Cluster Command Switch prompt.
Action:
Would you like to enable as a cluster command switch? [yes/no]: no
Step 16: A configuration will be created based on the questions you answered. Page down to the bottom of the config using the space bar.
Action:
The following configuration command script was created:
(PRESS SPACE BAR UNTIL YOU RECEIVE THE MENU)
Explanation:
As you look through the configuration, you will see the commands that were generated based on the information you provided such as: hostname, enable secret, enable password, VTY password, and IP address.
Step 17: Select 2 when prompted to save the configuration to NVRAM and exit.
Action:
Enter your selection [2]: 2
NYCORE1>
Explanation:
If you made any mistakes when going through the dialog, you can enter 1 to start over. Entering 0 breaks out of the dialog altogether. Once you are satisfied that your configuration is correct, entering 2 saves the configuration to NVRAM. This means that even if the device is reloaded, the configuration will remain.
Step 18: Enter global configuration mode on NYCORE1.
Action:
NYCORE1>enable
Password: cisco
NYCORE1#config t NYCORE1(config)#
Explanation:
To make configuration changes on a Cisco device, you first have to enter global configuration mode. In global configuration mode, you can enter commands that affect the entire device, like changing the hostname or configuring a default gateway. You can also enter more specific configuration modes, such as interface configuration, from this mode.
Step 19: Configure NYCORE1 with the default gateway: 10.1.1.1
Action:
NYCORE1(config)#ip default-gateway 10.1.1.1
NYCORE1(config)#
Step 20: Configure the password cisco on NYCORE1ās console port and enable security.
Action:
NYCORE1(config)#line con 0
NYCORE1(config-line)#password cisco
NYCORE1(config-line)#login
NYCORE1(config-line)#
Result:
Configuring a console password is also known as configuring a user mode password.
Explanation:
There is only one console port, line 0. Configuring a password is not enough to secure the port. A guard must also be set at the door, so to speak, to ask for the password. This is done with the login command.
Step 21: View your running configuration on NYCORE1. Note which passwords are readable.
Action:
NYCORE1(config-line)#end
NYCORE1#show run
NYCORE1#
Result:
The end command is helpful when you’re in one of the configuration modes and want to immediately access privileged mode instead of typing exit multiple times.
Explanation:
Use the space bar to page down. Notice that your enable secret password is encrypted, but you should be able to read your other passwords in clear text.
Step 22: Verify that your user mode and privileged mode passwords are working properly. Exit out of NYCORE1, log back in, and enter privileged exec mode.
Action:
NYCORE1#exit (PRESS ENTER TWICE)
User Access Verification
Password: cisco
NYCORE1>enable
Password: cisco
NYCORE1#
Explanation:
If your console password does not work, scroll up and look at the show run command you entered in the last step. If either of your passwords do not work, first make sure that your caps lock is not on. Second, try entering the same passwords, cisco and cisco, but with a space after the password. Sometimes people will accidentally add a space after the password and this will not show up in the running configuration. If this still does not allow you to gain access, try resetting the device through the Device Controls buttons at the bottom of the devices terminal.
Step 23: Configure the password encryption service on NYCORE1 to secure all clear text passwords.
Action:
NYCORE1#config t
NYCORE1(config)#service password-encryption
NYCORE1(config)#
Explanation:
After entering this command, the passwords that were previously readable in your running config, are now scrambled visually. However, you still use the same passwords to access.
Step 24: View the running configuration on NYCORE1 again. Verify that the enable password and console password are now unreadable.
Action:
NYCORE1(config)#end
NYCORE1#show run
NYCORE1#
Result:
All of your passwords should now be unreadable.
Step 25: Configure a message of the day banner warning unauthorized users not to log into NYCORE1.
Action:
NYCORE1#config t
NYCORE1(config)# banner motd $ (PRESS ENTER)
UNAUTHORIZED ACCESS PROHIBITED. (PRESS ENTER) $ (PRESS ENTER)
NYCORE1(config)#
Explanation:
A configured banner MOTD appears before a user logs into a Cisco device. In the example here, a $ was used as the delimiter to show where the message starts and stops. The $ will not show up in the message.
Step 26: Exit out of NYCORE1 to verify that your banner is configured correctly.
Action:
NYCORE1(config)#exit
NYCORE1#exit (PRESS ENTER TWICE)
Result:
You should see the banner message appear before the user mode login.
Step 27: Enter privileged mode. Remove the enable secret, enable password, and console password. In addition, remove the login command from the console.
Action:
Password: cisco
NYCORE1>enable
Password: cisco
NYCORE1#config t
NYCORE1(config)#no enable secret
NYCORE1(config)#no enable password
NYCORE1(config)#line con 0
NYCORE(config-line)#no password
NYCORE1(config-line)#no login
NYCORE1(config-line)#
Result:
Entering the keyword no in front of any command that appears in your configuration will remove it.
Step 28: Compare your running configuration with your startup configuration.
Action:
NYCORE1(config-line)#end
NYCORE1#show run
NYCORE1#show start
NYCORE1#
Explanation:
As you can see, all of your changes are found in the running configuration. The changes you have made would be lost if the switch were reloaded at this point. The running-config is in RAM, which is volatile and is flushed when the device is reloaded. When a Cisco device boots, by default, it loads the startup configuration. The startup-config is stored in NVRAM, which is non-volatile.
Step 29: Copy the running configuration to the startup configuration on NYCORE1.
Action:
NYCORE1#copy run start
Destination filename [startup-config]? (Press Enter)
NYCORE1#
Explanation:
The syntax is to copy from source (running-config) to destination (startup-config). Anything that is copied into the startup-config overwrites what was previously there. In this case, the startup-config is empty. Once this command is entered, the running-config and startup-config should match.
Step 30: Verify that the configuration is now saved in NVRAM.
Action:
NYCORE1#show start
NYCORE1#
Explanation:
You have successfully saved your configuration if the contents of the startup-config match the contents of the running-config.
Step 31:
Erase your startup configuration:
NYCORE1#erase startup-config
Erasing the nvram filesystem will remove all configuration files!
Continue? [confirm] (PRESS ENTER)
You have finished the lab.
ā
Summary
In this lab you completed the following tasks:
ā¢ Task 1 - Performing Switch Startup and Initial Configuration
