Konfigurasi Cisco Catalyst Switch

Posted by Belajar cisco untuk pemula on

Thursday, May 19, 2016

Konfigurasi Cisco Catalyst Switch

Task 1: Konfigurasi awal Cisco Catalyst Switch

Menghapus konfigurasi router/switch:

> enable

# erase startup-config

# reload

Setelah switch selesai booting:

Would you like to enter the initial configuration dialog? [yes/no]:  n à masuk ke Command Line Interface (CLI)

>  è (user mode)

> enable

# è (privileged/enabled mode)

# ?          è help mode

# s?

# show ?

# show version

# sh ver

# sh<tab> ver<tab>

# sh flash

# show running-config                   ATAU    #sh run

# show startup-config    ATAU    # sh start

# configure terminal       ATAU    #conf t

(config)#  è (global config)

(config)# clock timezone WIB 7

(config)# end

# clock set 13:27:00 7 mar 2010

# show clock

# conf t

(config)#  hostname Switch-A    ATAU    (config)#  hostname Switch-B

(config)#  enable secret cisco     è  utk set password utk masuk privileged mode

(config)# banner login "

[isi pesan utk yg akan login: warning] "  à akan muncul pada saat ada yg login via telnet / console

(config)# banner motd "

[isi pesan] "  à akan muncul pada saat ada yg login (console)

(config)#  interface vlan 1             ATAU    (config)# int vlan 1

(config-if)#  è (interface config)

(config-if)# description  *** logical interface vlan 1 ***

(config-if)# ip address 10.1.1.10 255.255.255.0    ATAU     (config-if)# ip address 10.1.1.20 255.255.255.0

(config-if)# no shutdown             è utk mengaktifkan interface

(config-if)# exit

(config)# ip default-gateway 10.1.1.1      è agar bisa berkomunikasi dengan jaringan lain

(config-if)# line vty 0 4

(config-line)#  è (line config)

(config-line)# password ccna      è utk set password telnet

(config-line)# login                          è agar nge-cek password   

(config-line)# exec-timeout 5 0                 è 5 menit 0 detik

(config-line)# logging synchronous          è agar prompt muncul lagi ketika ada logging

(config-line)# line console 0

(config-line)# no login      è tidak ngecek password

(config-line)# exec-timeout 0 0 èunlimited timeout 

(config-line)# logging synchronous

(config-line)# end

# copy (source) (destination)

# copy running-config startup-config      ATAU     # copy run start

# write memory               ATAU   # wr

# sh start

# sh run

# sh mac-address-table

# sh session        è melihat session telnet/ssh dari switch kita ke perangkat lain

# sh user              è melihat siapa saja yg sedang login ke switch kita

# send *               è kirim pesan ke semua user

[isi pesan]

CTRL-Z

# send 2               è kirim ke salah satu user

# clear line 2

Task 2: Konfigurasi SSH

(config)# hostname Switch-A                     ATAU    (config)# hostname Switch-B

(config)# ip domain-name cyrotrain.net

(config)# username netadmin privilege 15 secret netadmin

(config)# crypto key generate rsa

(config)# ip ssh version 2

(config)# line vty 0 4                       è membuka 5 line telnet

(config-line)# login local                                è menggunakan username-password yg ada di switch

(config-line)# transport input ssh telnet

(config-line)# end

Task 3: Konfigurasi Port-Security

# sh mac-address-table

# conf t

(config)# int f0/2

(config-if)# desc  ***connected to PC-A***

(config-if)# switchport mode access

(config-if)# switchport port-security

(config-if)# switchport port-security maximum 1

(config-if)# switchport port-security mac-address sticky

(config-if)# switchport port-security violation shutdown

(config-if)#end

# sh mac-address-table

# sh port-security

Utk menormalkan interface yg di-shutdown oleh port-security:

1. Copot MAC illegal, dan kembalikan MAC yg terdaftar
2. (config)# int f0/2

(config-if)# shutdown

(config-if)# no shutdown

Utk menghapus konfigurasi Port-Security:

(config)# int f0/2

(config-if)# no switchport port-security maximum

(config-if)# no switchport port-security

(config-if)#end

Task 4: Matikan interface yg tidak terpakai

(config)# int f0/1

(config-if)# shutdown

(config-if)# int range f0/3 - 11

(config-if-range)# shutdown

(config-if-range)# end

Task 5: Verifikasi protokol CDP (cisco discovery protocol)

# sh cdp neighbor

# sh cdp neighbor detail

# sh cdp traffic

# sh cdp interface

(config)# no cdp run       è mematikan cdp di seluruh interface

(config)# cdp run             è mengaktifkan cdp di seluruh interface

(config)# int f0/5

(config-if)# no cdp enable            è mematikan cdp di interface tertentu saja

(config-if)# cdp enable                  è mengaktifkan interface di interface tertentu saja

Task 6: Menggunakan TFTP server untuk Backup & Restore

Backup config from Switch to TFTP server (PC-A 10.1.1.11):

# copy run tftp://10.1.1.11/switch-A.cfg

Restore config from TFTP server to Switch:

# copy tftp://10.1.1.11/switch-A.cfg run

Backup IOS from Switch to TFTP server:

# sh flash

# copy flash: c2950-i6k2l2q4-mz.121-22.EA8a.bin  tftp://10.1.1.11

Restore IOS from TFTP server to Switch:

# copy tftp://10.1.1.11/c2950…bin flash

Task 7: Password Recovery di Cisco Catalyst Switch 2950/2960

1. Matikan switch

2. Tekan tombol MODE & nyalakan switch

3. setelah beberapa detik, lepas tombol MODE

   : flash_init

   : load_helper

   : rename flash:config.text flash:config.old

   : boot

4. tunggu proses reload pada switch

     would you like to make initial configuration?  n

5. > ena

   # copy flash:config.old run

   # conf t

   (config)# ena secret [new password]

   (config)# line vty 0 4

   (config-line)# password [new password]

   (config-line)# line console 0

   (config-line)# no login

   (config-line)# end

   # copy run star

   # reload

• Konfigurasi VLAN pada Cisco Catalyst Switch
• SPANNING-TREE PROTOCOL