Cisco 3xx series switches » History » Version 1
Charles Atkinson, 30/05/2021 10:08
| 1 | 1 | Charles Atkinson | h1. Cisco 3xx series switches |
|---|---|---|---|
| 2 | 1 | Charles Atkinson | |
| 3 | 1 | Charles Atkinson | {{toc}} |
| 4 | 1 | Charles Atkinson | |
| 5 | 1 | Charles Atkinson | h1. Initial setup without using a console cable |
| 6 | 1 | Charles Atkinson | |
| 7 | 1 | Charles Atkinson | Cisco 3xx series switches are most commonly set up using the console port and a serial connection. It is more convenient to do it using only Ethernet ports |
| 8 | 1 | Charles Atkinson | |
| 9 | 1 | Charles Atkinson | In this example, port 23 is set up for management using VLAN 5 and a 192.168.5./24 address |
| 10 | 1 | Charles Atkinson | |
| 11 | 1 | Charles Atkinson | The poor security of keeping the default user/password (cisco/cisco) is done for Cisco Smart Network Application (SNA). It is mitigated by restricting VLAN 5 access |
| 12 | 1 | Charles Atkinson | |
| 13 | 1 | Charles Atkinson | h2. Computer setup |
| 14 | 1 | Charles Atkinson | |
| 15 | 1 | Charles Atkinson | During initial setup a computer will be required to access the switch at 192.168.1.254/24 and at 192.168.5.<planned octet>/24 tagged with VLAN 5 |
| 16 | 1 | Charles Atkinson | |
| 17 | 1 | Charles Atkinson | When the network is configured by /etc/network/interfaces that can be done for example by |
| 18 | 1 | Charles Atkinson | <pre> |
| 19 | 1 | Charles Atkinson | ifup eno3 |
| 20 | 1 | Charles Atkinson | ip addr add dev eno3 192.168.1.91 |
| 21 | 1 | Charles Atkinson | ip route add 192.168.1.0/24 dev eno3 |
| 22 | 1 | Charles Atkinson | ip link add link eno3 name eno3.5 type vlan id 5 |
| 23 | 1 | Charles Atkinson | ip addr add dev eno3.5 192.168.5.1 |
| 24 | 1 | Charles Atkinson | ip link set dev eno3.5 up |
| 25 | 1 | Charles Atkinson | ip route add 192.168.5.0/24 dev eno3.5 |
| 26 | 1 | Charles Atkinson | </pre> |
| 27 | 1 | Charles Atkinson | |
| 28 | 1 | Charles Atkinson | h2. Switch reset |
| 29 | 1 | Charles Atkinson | |
| 30 | 1 | Charles Atkinson | Reset the switch to factory defaults by |
| 31 | 1 | Charles Atkinson | * Disconnect all network connections |
| 32 | 1 | Charles Atkinson | * Power up |
| 33 | 1 | Charles Atkinson | * Press reset switch for minimum 10 seconds. All port LEDs should flash once when reset switch is pressed and later once again |
| 34 | 1 | Charles Atkinson | * The System LED should flash continuously to show the switch is reset to defaults |
| 35 | 1 | Charles Atkinson | |
| 36 | 1 | Charles Atkinson | The switch IP address is now 192.168.1.254 |
| 37 | 1 | Charles Atkinson | |
| 38 | 1 | Charles Atkinson | h2. Switch image upgrade |
| 39 | 1 | Charles Atkinson | |
| 40 | 1 | Charles Atkinson | In case the switch's firmware image is outdated, upgrade it |
| 41 | 1 | Charles Atkinson | |
| 42 | 1 | Charles Atkinson | h2. Conf via Web UI - set cisco password and enable ssh |
| 43 | 1 | Charles Atkinson | |
| 44 | 1 | Charles Atkinson | * Connect a device with a web browser to switch port 1 |
| 45 | 1 | Charles Atkinson | * Power up the switch. |
| 46 | 1 | Charles Atkinson | * Open http://192.168.1.254 |
| 47 | 1 | Charles Atkinson | ** Log in as cisco/cisco |
| 48 | 1 | Charles Atkinson | ** On the Change Password Page |
| 49 | 1 | Charles Atkinson | *** Set a temporary password for user cisco |
| 50 | 1 | Charles Atkinson | *** Clear "Password Strength Enforcement" |
| 51 | 1 | Charles Atkinson | ** Display Mode: -Basic- Advanced |
| 52 | 1 | Charles Atkinson | ** Security |
| 53 | 1 | Charles Atkinson | *** Password strength |
| 54 | 1 | Charles Atkinson | **** Password Aging: Enable: -selected- cleared |
| 55 | 1 | Charles Atkinson | **** Apply |
| 56 | 1 | Charles Atkinson | *** TCP/UDP Services |
| 57 | 1 | Charles Atkinson | **** SSH Service: select |
| 58 | 1 | Charles Atkinson | **** Apply |
| 59 | 1 | Charles Atkinson | ** Administration > User Accounts > cisco > Edit |
| 60 | 1 | Charles Atkinson | *** Password: cisco |
| 61 | 1 | Charles Atkinson | *** Apply |
| 62 | 1 | Charles Atkinson | *** Close |
| 63 | 1 | Charles Atkinson | ** Administration > File Management > File Operations |
| 64 | 1 | Charles Atkinson | *** Operation Type: Duplicate |
| 65 | 1 | Charles Atkinson | *** Source File Name: Running Configuration |
| 66 | 1 | Charles Atkinson | *** Destination File Name: Startup Configuration (only option) |
| 67 | 1 | Charles Atkinson | *** Apply |
| 68 | 1 | Charles Atkinson | ** VLAN Management > VLAN Settings > Add |
| 69 | 1 | Charles Atkinson | *** VLAN ID: 5 |
| 70 | 1 | Charles Atkinson | *** VLAN Name: mgt |
| 71 | 1 | Charles Atkinson | *** VLAN Interface State: Enable: selected (default) |
| 72 | 1 | Charles Atkinson | *** Link Status SNMP Traps: Enable: -cleared- selected |
| 73 | 1 | Charles Atkinson | *** Apply |
| 74 | 1 | Charles Atkinson | *** Close |
| 75 | 1 | Charles Atkinson | ** VLAN Management > Port to VLAN |
| 76 | 1 | Charles Atkinson | *** Filter VLAN ID equals to "5" |
| 77 | 1 | Charles Atkinson | *** Click "GO" |
| 78 | 1 | Charles Atkinson | *** Choose port GE23 and mark as "untagged" |
| 79 | 1 | Charles Atkinson | *** Apply |
| 80 | 1 | Charles Atkinson | ** Administration > File Management > File Operations |
| 81 | 1 | Charles Atkinson | *** Operation Type: Duplicate |
| 82 | 1 | Charles Atkinson | *** Source File Name: Running Configuration |
| 83 | 1 | Charles Atkinson | *** Destination File Name: Startup Configuration (only option) |
| 84 | 1 | Charles Atkinson | *** Apply |
| 85 | 1 | Charles Atkinson | ** IP Configuration > IPv4 Management and Interfaces > IPv4 Interface > Add |
| 86 | 1 | Charles Atkinson | *** Interface: VLAN 5 |
| 87 | 1 | Charles Atkinson | *** IP Address Type: static |
| 88 | 1 | Charles Atkinson | **** IP address: 192.168.5.<planned octet> |
| 89 | 1 | Charles Atkinson | **** Network mask: 255.255.255.0 |
| 90 | 1 | Charles Atkinson | *** Apply |
| 91 | 1 | Charles Atkinson | *** Close |
| 92 | 1 | Charles Atkinson | |
| 93 | 1 | Charles Atkinson | The connection will then be lost. Move the Ethernet cable from port 1 to port 23. Ensure the computer's port is on the 192.168.5.0/24 network with packets tagged with VLAN 5 |
| 94 | 1 | Charles Atkinson | |
| 95 | 1 | Charles Atkinson | Test by pinging 192.168.5.<planned octet> |