Solved

Simple Switch configuration

Posted on 2008-10-13
13
2,138 Views
Last Modified: 2011-05-08
So, I got the hang of basic router configuration.  Now I'm having little difficulty understanding how a switch is configured.  I have the following setup in a lab environment:  2 host machine (1 Vista, 1 Unix box) and 1 Vista machine used to monitor.  I just have one switch (Cisco 3750).  I looked at several command books and websites for help but I haven't found anything that gives me clear understanding of how I can configure the switch and configure the host machines to establish connection.  For example, on  a router, I configure an interface (i.e. g1/0).  This didn't work the same way on a switch and there is "vlan"?  I'm looking for the simplest configuration for me to establish connection between the two hosts through this switch.  Can someone lead me to a helpful website or teach me what steps are needed from A-Z to accomplish this?  Thank you in advance!
0
Comment
Question by:elly960
13 Comments
 
LVL 10

Expert Comment

by:cstosgale
Comment Utility
Very simply, if all you want to do is establish communication between two hosts, leave the switch in its default configuration and put both of the hosts in the same subnet.
0
 
LVL 26

Expert Comment

by:Soulja
Comment Utility
By default cisco switches are set up like dumb or unmanaged switches. Like cstogsgale stated just leave it as is and plug in your devices.
0
 
LVL 3

Expert Comment

by:keno44
Comment Utility
the comments above are correct. You shouldnt have to do anything fancy with the configuration. VLANs are used to prevent broadcasts from being forwarded out all ports. Using VLANs will keep a PCs broadcast in it own VLAN. It also provides some level of security. IF you need to move traffic from one VLAN to another, the configuration will get a little more advanced, but it is still pretty easy to get up and running.

here are some basics on switch configuration. Happy to help further if needed.

use hyper terminal to connect to the CON port of your laptop to the CON port on the switch. Set hyper terminal to COM1, bits per sec 9600, data bits 8, parity none, stop bits 1, lfow ctrl none.

remember to use the ? for help with a command.

switch>enable
swicth#conf t

set its hostname and create a password

switch(config)#hostname myswitch
myswitch(config)# enable secret some_password_you like

assign an IP so you can manage it..

myswitch(config)#int vlan 1
myswitch(config-if)#ip address 192.168.X.X 255.255.255.0
myswitch(config-if)#exit

enable remote logons via telnet (don't enable telnet if you're connecting over a public network!!

myswitch(config)#line vty 0-4
myswitch(config-line)#login
myswitch(config-line)#password some_password_you_like

set password for console logons

myswitch(config-if)#line con 0
myswitch(config-line)#login
myswitch(config-line)#password some_password_you_like

create a new VLAN
myswitch(config)#vlan 2
myswitch(config-vlan)# name Engineering
myswitch(config-vlan)# no shut
myswitch(config)#vlan 4
myswitch(config-vlan)# name Production
myswitch(config-vlan)# no shut

switch port 3 to VLAN 4.
myswitch(config)#int fa0/3
myswitch(config-if)#switch access vlan 4

configure port speed/duplex
myswitch(config-if)#speed 1000

What else are you needing to do..?
0
 
LVL 3

Expert Comment

by:keno44
Comment Utility
MORE....

To interface with a port to adjust port speed...

myswitch>enable
myswitch#conf t
myswitch(config)#int fa0/3
myswitch(config-if)#speed 1000
myswitch(config-if)#duplex full
myswitch(config-if)#description ExchangeServerNIC_1
0
 

Author Comment

by:elly960
Comment Utility
1.  These hardware are not connected to any network; they are just by themseleves.

--------this I get, no problem---------
switch>enable
swicth#conf t
switch(config)#hostname myswitch
myswitch(config)# enable secret some_password_you like

---------this IP is for the switch?-----------
assign an IP so you can manage it..
myswitch(config)#int vlan 1
myswitch(config-if)#ip address 192.168.X.X 255.255.255.0
myswitch(config-if)#exit

--------------------------------------------
What are the other vlans for??  Let's say one of the host machine is connected to port 16 and the other host machine connected to port 22 of the switch, am I suppose to configure vlan 16 and vlan 22?  like the example above?

----------------------
myswitch(config)#vlan 16
myswitch(config-vlan)# name Engineering
myswitch(config-vlan)# no shut
myswitch(config)#vlan 22
myswitch(config-vlan)# name Production
myswitch(config-vlan)# no shut
-----------------------------
or is this optional?
Don't I have to assign IP addresses to these two host machines?
I'm sorry if the questions are so basic  they sound stupid.  :(
0
 
LVL 3

Expert Comment

by:keno44
Comment Utility
Sorry, Yes that is assigning an IP to the switch on native VLAN1. It's so you can manage the switch via TELNET or SSH.

VLAN IDs have nothing to do the port numbers. The VLAN IDs are just unique identifiers for each VLAN. I believe you can have up to 4096 VLANs (dont quote me).

VLANs are just logical groupings of ports. All switch ports assigned to VLAN2 can talk to each other. All ports configured for VLAN3 can talk to each other and so on. Hosts attached to VLAN 2 cannot talk to hosts on VLAN 3. This is true even if all of your hosts have the same IP subnets assigned.

Yes you have to assign IPs to all hosts.

you can have vlan2 assigned on ports 1, 2 and 3. All hosts attached via these ports could use 192.168.1.100, 192.168.1.101 and 192.168.1.102.
you can have vlan3 assigned on ports 5, 6, and 7. All hosts attached via these ports could be using 192.168.1.103, 192.168.1.104 and 192.168.1.105.

Even though all of these hosts are on the same network, the host on port 1 and port 5 are connected to different vlans, they can not talk to each other.
0
What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

 

Author Comment

by:elly960
Comment Utility
So for me to configure my switch and the two computers, can I simply do this?

switch>enable
swicth#conf t
switch(config)#hostname myswitch
myswitch(config)# enable pass4you
myswitch(config)#int vlan 1
myswitch(config-if)#ip address 192.168.1.100 255.255.255.0
myswitch(config-if)#exit
myswitch(config)#vlan 2
myswitch(config-vlan)# name Lab
myswitch(config-vlan)# no shut
myswitch(config-vlan)#int g16/0
myswitch(config-vlan-if)#ip address 192.168.1.101 255.255.255.0
myswitch(config-vlan-if)#no shut
myswitch(config-vlan)#int g22/0
myswitch(config-vlan-if)#ip address 192.168.1.102 255.255.255.0
myswitch(config-vlan-if)#no shut


0
 

Author Comment

by:elly960
Comment Utility
Actually, I'll have to do one more for my monitoring station:

myswitch(config-vlan)#int g23/0
myswitch(config-vlan-if)#ip address 192.168.1.103 255.255.255.0
myswitch(config-vlan-if)#no shut

all three of these in same vlan...

0
 
LVL 3

Expert Comment

by:keno44
Comment Utility
Not exactly. By default the switch has one VLAN (VLAN1). All ports are originally configured on VLAN1. All you should have to do is plug the hosts into any of the gigabit ports and so long as these hosts are configured with valid IPs (IPs on the same network), they will talk to each other.


----------this is all good-----------
switch>enable
swicth#conf t
switch(config)#hostname myswitch
myswitch(config)# enable pass4you
myswitch(config)#int vlan 1
myswitch(config-if)#ip address 192.168.1.100 255.255.255.0
myswitch(config-if)#exit

-----------Note above, we only assigned this IP to VLAN1 so you can manage the switch via TELNET/SSH from one of your PCs. DO not use this IP address on any of your hosts. If you are going to use another VLAN (for example VLAN2 see below) you want to remove this particular IP from VLAN1 and instead assign it to VLAN2.

---------Below..You don't need a VLAN 2 unless you want to separate your hosts, having some on VLAN 1 and some on VLAN2.  Again, they won't be able to talk to each other if they are on different VLANs. We do this for security and performance purposes-----

------creating a new VLAN, this is good------

myswitch(config)#vlan 2
myswitch(config-vlan)# name Lab
myswitch(config-vlan)# no shut

---------If you want to use VLAN 2 instead of the native VLAN1, that's great. But you will need to assign their switch ports over to VLAN2.


--------assigning a switch port to a particular VLAN-------
--------switching ports 10 and 11 to VLAN 2.
myswitch(config)#int fa0/10
myswitch(config-if)#switch access vlan 2
myswitch(config)#int fa0/11
myswitch(config-if)#switch access vlan 2



-------------here are some mistakes--------------------------------
you do not assign IP addresses to the switch ports-----
don't issue any of these commands.

myswitch(config-vlan)#int g16/0
myswitch(config-vlan-if)#ip address 192.168.1.101 255.255.255.0
myswitch(config-vlan-if)#no shut
myswitch(config-vlan)#int g22/0
myswitch(config-vlan-if)#ip address 192.168.1.102 255.255.255.0
myswitch(config-vlan-if)#no shut
0
 

Author Comment

by:elly960
Comment Utility
You said "so long as these hosts are configured with valid IPs (IPs on the same network)".  I thought that's what I was attempting to do here (without the -vlan):

myswitch(config)#int g16/0
myswitch(config-if)#ip address 192.168.1.101 255.255.255.0
myswitch(config-if)#no shut

no?  
0
 
LVL 3

Expert Comment

by:keno44
Comment Utility
I stated hosts, not switch ports. a host is a computer, terminal, etc.

You are attempting to confiure IP addresses on switch ports. This is not supported nor is it the purpose of a switch. Routers are devices that you can configure IP addresses on.

Switches only connect hosts together on a local network.

So let's start over.

switch>enable
swicth#conf t
switch(config)#hostname myswitch
myswitch(config)# enable pass4you
------------next commands assign an IP address that you can use to connect to your switch
------------note, here we are assigning an IP to a logical interface on your switch, not a switch port
myswitch(config)#int vlan 1
myswitch(config-if)#ip address 192.168.1.100 255.255.255.0
myswitch(config-if)#exit
------------enables remote terminal connections from your PC host using TELNET or SSH
myswitch(config)#line vty 0-4
myswitch(config-line)#login
myswitch(config-line)#password some_password_you_like
------------creating a logical VLAN to separate your hosts on your local network (This is optional)
myswitch(config)#vlan 2
myswitch(config-vlan)# name Lab
myswitch(config-vlan)# no shut
------------assigning various ports to VLANs (This is optional if you do not create new VLANs)
myswitch(config)#int fa0/3
myswitch(config-if)#switch access vlan 2
------------configuring speed and duplex on a switch port to match the connecting host
myswitch(config)#int fa0/3
myswitch(config-if)#speed 1000
OR
myswitch(config-if)#speed auto (this will auto-detect the connecting hosts speed and negotiate a speed)
myswitch(config-if)#duplex full
OR
myswitch(config-if)#duplex auto (this will auto-detect the connecting hosts duplex, almost always uses full)
--------------putting a label on a switchport (This is optional, just for labeling purposes)
myswitch(config-if)#description ExchangeServerNIC_1

I hope this helps and I hope I didn't lead you down the wrong path.

You should be able to find some easy to read white papers on the difference between a switch, hub and router.

I'm still here if you need more assistance.
0
 

Author Comment

by:elly960
Comment Utility
:)  Thank you for being sooooo patient with me.  
So I'll configure the switch with basic settings with the guidelines above.  Enter an IP address at each of the computers and see if the computers can see each other?  I'll try that and see if it works.

What does it mean to span a port?  If I want to make the switch work like a hub, I should span all ports, right?  
0
 
LVL 3

Accepted Solution

by:
keno44 earned 100 total points
Comment Utility
a span port is a switch port that receives all traffic from a particular VLAN that you choose (VLAN1 if that's all you're using).

We do this so we can monitor all network traffic passing through a local network or VLAN. Intrustion detection systems are generally cabled into a span port.

You could not span all ports on a 3750 Cisco switch. 3750 Cisco switches only allow for 2 span ports. I suppose turning all ports into a span port would make the switch act like a hub but it's not possible.

TRUST ME, you wouldnt want to ever use a hub when connecting PCs, servers and printers, especially Windows devices. Hubs operate in half duplex mode and so would all the PCs connected to a hub. After adding just a few PCs to a hub, your network would slow to a crawl because of constant broadcast storms and packet collisions.  

Let me know how your switched environment is coming along!! When you're ready to close this question out, please be sure to rate the solution.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Join & Write a Comment

The worst thing when starting a new job is when the previous Network Administrator left behind no documentation. How do you get into the devices? If you've been in this situation or just accidently mistyped your password, this article will hopefully…
I eventually solved a perplexing problem setting up telnet for a new switch.  I installed a new Cisco WS-03560X-24P switch connected to an existing Cisco 4506 running a WS-X4013-10GE Sup II-Plus. After configuring vlans and trunking,  I could no…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

6 Experts available now in Live!

Get 1:1 Help Now