Software Guide
Page 6
Contents Hostnames 5-12 Passwords 5-13 SNMP Community Strings 5-13 TACACS+ and RADIUS 5-14 LRE Profiles 5-14 Using the CLI to Manage Switch Clusters 5-14 Catalyst 1900... Switch Clusters 5-15 6 C H A P T E R Administering the Switch 6-1 Managing the System Time and Date 6-1 Understanding the System Clock 6-1 Understanding Network Time Protocol 6-2 Configuring NTP 6-3 Default NTP Configuration 6-4 Configuring NTP Authentication 6-4 Configuring NTP Associations 6-5 Configuring NTP Broadcast Service 6-6 Configuring NTP Access Restrictions 6-8 Configuring the Source IP Address for NTP Packets 6-10...
Contents Hostnames 5-12 Passwords 5-13 SNMP Community Strings 5-13 TACACS+ and RADIUS 5-14 LRE Profiles 5-14 Using the CLI to Manage Switch Clusters 5-14 Catalyst 1900... Switch Clusters 5-15 6 C H A P T E R Administering the Switch 6-1 Managing the System Time and Date 6-1 Understanding the System Clock 6-1 Understanding Network Time Protocol 6-2 Configuring NTP 6-3 Default NTP Configuration 6-4 Configuring NTP Authentication 6-4 Configuring NTP Associations 6-5 Configuring NTP Broadcast Service 6-6 Configuring NTP Access Restrictions 6-8 Configuring the Source IP Address for NTP Packets 6-10...
Software Guide
Page 7
... 8-1 Preventing Unauthorized Access to Your Switch 8-1 Protecting Access to Privileged EXEC Commands 8-2 Default Password and Privilege Level Configuration 8-2 Setting or Changing a Static Enable Password 8-3 Protecting Enable and Enable Secret Passwords with Encryption 8-3 Disabling Password Recovery 8-5 Setting a Telnet Password for a Terminal Line 8-6 Configuring Username and Password Pairs 8-6 Configuring Multiple Privilege Levels 8-7 Setting the Privilege Level for a Command 8-8 Changing...
... 8-1 Preventing Unauthorized Access to Your Switch 8-1 Protecting Access to Privileged EXEC Commands 8-2 Default Password and Privilege Level Configuration 8-2 Setting or Changing a Static Enable Password 8-3 Protecting Enable and Enable Secret Passwords with Encryption 8-3 Disabling Password Recovery 8-5 Setting a Telnet Password for a Terminal Line 8-6 Configuring Username and Password Pairs 8-6 Configuring Multiple Privilege Levels 8-7 Setting the Privilege Level for a Command 8-8 Changing...
Software Guide
Page 12
...-1 The VTP Domain 13-2 VTP Modes 13-3 VTP Advertisements 13-3 VTP Version 2 13-4 VTP Pruning 13-4 Configuring VTP 13-6 Default VTP Configuration 13-6 VTP Configuration Options 13-7 VTP Configuration in Global Configuration Mode 13-7 VTP Configuration in VLAN Database Configuration Mode 13...-7 VTP Configuration Guidelines 13-8 Domain Names 13-8 Passwords 13-8 VTP Version 13-8 Configuration Requirements 13-9 Configuring a VTP Server 13-9 Configuring a VTP Client 13-11 Disabling VTP (VTP ...
...-1 The VTP Domain 13-2 VTP Modes 13-3 VTP Advertisements 13-3 VTP Version 2 13-4 VTP Pruning 13-4 Configuring VTP 13-6 Default VTP Configuration 13-6 VTP Configuration Options 13-7 VTP Configuration in Global Configuration Mode 13-7 VTP Configuration in VLAN Database Configuration Mode 13...-7 VTP Configuration Guidelines 13-8 Domain Names 13-8 Passwords 13-8 VTP Version 13-8 Configuration Requirements 13-9 Configuring a VTP Server 13-9 Configuring a VTP Client 13-11 Disabling VTP (VTP ...
Software Guide
Page 34
... mode on all switch ports for - Performance Features The switch ships with basic IP information, contact information, switch and Telnet passwords, and Simple Network Management Protocol (SNMP) information through a single IP address. - Applying actions to identify link information between switches...statistic reports, link- For more information about the device manager, see the getting started guide. • User-defined and Cisco-default Smartports macros for creating custom switch configurations for simplified deployment across the network. • An embedded device manager GUI for ...
... mode on all switch ports for - Performance Features The switch ships with basic IP information, contact information, switch and Telnet passwords, and Simple Network Management Protocol (SNMP) information through a single IP address. - Applying actions to identify link information between switches...statistic reports, link- For more information about the device manager, see the getting started guide. • User-defined and Cisco-default Smartports macros for creating custom switch configurations for simplified deployment across the network. • An embedded device manager GUI for ...
Software Guide
Page 43
Chapter 1 Overview Default Settings After Initial Switch Configuration • No passwords are applied. For more information, see Chapter 6, "Administering the Switch." • NTP is disabled. For more information, see Chapter 8, "Configuring Switch-Based Authentication." • IEEE ..., see Chapter 8, "Configuring Switch-Based Authentication." • RADIUS is disabled. Voice VLAN is VLAN 1. For more information, see Chapter 11, "Configuring Smartports Macros." • VLANs - Default VLAN is disabled. For more information, see Chapter 13, "Configuring VTP." -
Chapter 1 Overview Default Settings After Initial Switch Configuration • No passwords are applied. For more information, see Chapter 6, "Administering the Switch." • NTP is disabled. For more information, see Chapter 8, "Configuring Switch-Based Authentication." • IEEE ..., see Chapter 8, "Configuring Switch-Based Authentication." • RADIUS is disabled. Voice VLAN is VLAN 1. For more information, see Chapter 11, "Configuring Smartports Macros." • VLANs - Default VLAN is disabled. For more information, see Chapter 13, "Configuring VTP." -
Software Guide
Page 51
...example, most of the commands are available in . Normally, you must enter a password to the running configuration. The user EXEC commands are stored and used when the...2 C H A P T E R Using the Command-Line Interface This chapter describes the Cisco IOS command-line interface (CLI) and how to use it to all commands, you must ... • Understanding the Help System, page 2-3 • Understanding Abbreviated Commands, page 2-4 • Understanding no and default Forms of Commands, page 2-4 • Understanding CLI Error Messages, page 2-5 • Using Configuration Logging, page 2-5...
...example, most of the commands are available in . Normally, you must enter a password to the running configuration. The user EXEC commands are stored and used when the...2 C H A P T E R Using the Command-Line Interface This chapter describes the Cisco IOS command-line interface (CLI) and how to use it to all commands, you must ... • Understanding the Help System, page 2-3 • Understanding Abbreviated Commands, page 2-4 • Understanding no and default Forms of Commands, page 2-4 • Understanding CLI Error Messages, page 2-5 • Using Configuration Logging, page 2-5...
Software Guide
Page 60
... must connect a terminal or PC to establish a connection with the Telnet or SSH client, and the switch must have an enable secret password configured. You can use this type of access. Using these methods to the switch console port and power on the switch, as described in.... For information about configuring the switch for Telnet access, see Chapter 3, "Assigning the Switch IP Address and Default Gateway." This example shows how to see the "Setting a Telnet Password for show and more command followed by the pipe character (|), one of output or if you want to five...
... must connect a terminal or PC to establish a connection with the Telnet or SSH client, and the switch must have an enable secret password configured. You can use this type of access. Using these methods to the switch console port and power on the switch, as described in.... For information about configuring the switch for Telnet access, see Chapter 3, "Assigning the Switch IP Address and Default Gateway." This example shows how to see the "Setting a Telnet Password for show and more command followed by the pipe character (|), one of output or if you want to five...
Software Guide
Page 61
... the Boot Process To start your switch, you need to follow the procedures in this chapter, see the command reference for this release and the Cisco IOS IP Command Reference, Volume 1 of automatic and manual methods. It also describes how to modify the switch startup configuration. 3 C H A...for installing and powering on the system board. • Loads a default operating system software image into memory and boots up the initial switch configuration (IP address, subnet mask, default gateway, secret and Telnet passwords, and so forth). Note For complete syntax and usage information for ...
... the Boot Process To start your switch, you need to follow the procedures in this chapter, see the command reference for this release and the Cisco IOS IP Command Reference, Volume 1 of automatic and manual methods. It also describes how to modify the switch startup configuration. 3 C H A...for installing and powering on the system board. • Loads a default operating system software image into memory and boots up the initial switch configuration (IP address, subnet mask, default gateway, secret and Telnet passwords, and so forth). Note For complete syntax and usage information for ...
Software Guide
Page 62
... 8-5. Note If you can also configure a hostname and an enable secret password. Normally, the boot loader is used . Assigning Switch Information Chapter 3 Assigning the Switch IP Address and Default Gateway The boot loader provides access to provide security during remote management) and... configuring your switch as a standalone switch. For more information, see the "Disabling Password Recovery" section on page 32-3. For more ...
... 8-5. Note If you can also configure a hostname and an enable secret password. Normally, the boot loader is used . Assigning Switch Information Chapter 3 Assigning the Switch IP Address and Default Gateway The boot loader provides access to provide security during remote management) and... configuring your switch as a standalone switch. For more information, see the "Disabling Password Recovery" section on page 32-3. For more ...
Software Guide
Page 63
... are defined. A relay device forwards broadcast traffic between your switch and the DHCP server. Table 3-1 Default Switch Information Feature IP address and subnet mask Default gateway Enable secret password Hostname Telnet password Cluster command switch functionality Cluster name Default Setting No IP address or subnet mask are using DHCP to configure a Trivial File Transfer Protocol...
... are defined. A relay device forwards broadcast traffic between your switch and the DHCP server. Table 3-1 Default Switch Information Feature IP address and subnet mask Default gateway Enable secret password Hostname Telnet password Cluster command switch functionality Cluster name Default Setting No IP address or subnet mask are using DHCP to configure a Trivial File Transfer Protocol...
Software Guide
Page 70
... IP information is 1 to privileged EXEC mode. Verify the configured IP address. To remove the default gateway address, use the no service password-encryption ! If you entered or changes that is directly connected to the switch where a default gateway is configured, the switch has connectivity to the remote networks with IP, it does...
... IP information is 1 to privileged EXEC mode. Verify the configured IP address. To remove the default gateway address, use the no service password-encryption ! If you entered or changes that is directly connected to the switch where a default gateway is configured, the switch has connectivity to the remote networks with IP, it does...
Software Guide
Page 93
... been added to all other cluster-capable switches for related considerations, see the "IP Addresses" section on page 5-12 and "Passwords" section on standby cluster command switches. Candidate Switch and Cluster Member Switch Characteristics Candidate switches are switches that connectivity to the cluster... cluster command switch must meet these requirements: • It is running Cisco IOS Release 12.2(25)FX or later. • It has an IP address. • It has Cisco Discovery Protocol (CDP) version 2 enabled (the default). • It is not a command or cluster member switch of ...
... been added to all other cluster-capable switches for related considerations, see the "IP Addresses" section on page 5-12 and "Passwords" section on standby cluster command switches. Candidate Switch and Cluster Member Switch Characteristics Candidate switches are switches that connectivity to the cluster... cluster command switch must meet these requirements: • It is running Cisco IOS Release 12.2(25)FX or later. • It has an IP address. • It has Cisco Discovery Protocol (CDP) version 2 enabled (the default). • It is not a command or cluster member switch of ...
Software Guide
Page 138
... 12.2 from the Cisco.com page under Documentation > Cisco IOS Software > 12.2 Mainline > Command References. Privilege levels define what commands users can then use the same database to a network or network device. Table 8-1 Default Password and Privilege Levels Feature Enable password and privilege level Enable secret password and privilege level Line password Default Setting No password is level 15...
... 12.2 from the Cisco.com page under Documentation > Cisco IOS Software > 12.2 Mainline > Command References. Privilege levels define what commands users can then use the same database to a network or network device. Table 8-1 Default Password and Privilege Levels Feature Enable password and privilege level Enable secret password and privilege level Line password Default Setting No password is level 15...
Software Guide
Page 139
...) Save your entries in privileged EXEC mode, follow these steps to access privileged EXEC mode (the default) or any privilege level you can establish an encrypted password that users must enter to set or change an existing password for example, to the privileged EXEC mode. you specify. Beginning in the configuration file. Define...
...) Save your entries in privileged EXEC mode, follow these steps to access privileged EXEC mode (the default) or any privilege level you can establish an encrypted password that users must enter to set or change an existing password for example, to the privileged EXEC mode. you specify. Beginning in the configuration file. Define...
Software Guide
Page 140
...8226; (Optional) For level, the range is 15 (privileged EXEC mode privileges). • For password, specify a string from 0 to 25 alphanumeric characters. The default level is from 1 to 15. If you specify an encryption type, you copy from being readable ...default, no enable secret [level level] global configuration command. To remove a password and level, use the no service password-encryption global configuration command. To disable password encryption, use the no enable password [level level] or no password is defined. • (Optional) For encryption-type, only type 5, a Cisco...
...8226; (Optional) For level, the range is 15 (privileged EXEC mode privileges). • For password, specify a string from 0 to 25 alphanumeric characters. The default level is from 1 to 15. If you specify an encryption type, you copy from being readable ...default, no enable secret [level level] global configuration command. To remove a password and level, use the no service password-encryption global configuration command. To disable password encryption, use the no enable password [level level] or no password is defined. • (Optional) For encryption-type, only type 5, a Cisco...
Software Guide
Page 141
... boot manual global configuration command. With password recovery disabled, you keep a backup copy of the configuration file on a secure server in VTP transparent mode, we recommend that is accessible by the boot loader and the Cisco IOS image, but the configuration file ... Access to Privileged EXEC Commands This example shows how to configure the encrypted password $1$FaD0$Xyti5Rkls3LoyxzS8 for privilege level 2: Switch(config)# enable secret level 2 5 $1$FaD0$Xyti5Rkls3LoyxzS8 Disabling Password Recovery By default, any user. When this feature is not accessible by any end user ...
... boot manual global configuration command. With password recovery disabled, you keep a backup copy of the configuration file on a secure server in VTP transparent mode, we recommend that is accessible by the boot loader and the Cisco IOS image, but the configuration file ... Access to Privileged EXEC Commands This example shows how to configure the encrypted password $1$FaD0$Xyti5Rkls3LoyxzS8 for privilege level 2: Switch(config)# enable secret level 2 5 $1$FaD0$Xyti5Rkls3LoyxzS8 Disabling Password Recovery By default, any user. When this feature is not accessible by any end user ...
Software Guide
Page 657
... copy operation. • When you are accessing the switch through the console port or a Telnet session. ip ftp password password (Optional) Change the default password. Log into the switch through a Telnet session and you have a valid username, this username is properly configured by ... with the Cisco IOS File System, Configuration Files, and Software Images Working with an IP address of 172.16.101.101 to the switch startup configuration. ip ftp username username (Optional) Change the default remote username. or copy ftp:[[[//[username[:password]@]location]/directory]...
... copy operation. • When you are accessing the switch through the console port or a Telnet session. ip ftp password password (Optional) Change the default password. Log into the switch through a Telnet session and you have a valid username, this username is properly configured by ... with the Cisco IOS File System, Configuration Files, and Software Images Working with an IP address of 172.16.101.101 to the switch startup configuration. ip ftp username username (Optional) Change the default remote username. or copy ftp:[[[//[username[:password]@]location]/directory]...
Software Guide
Page 658
...filename] or copy nvram:startup-config ftp:[[[//[username[:password]@]location]/directory] /filename] This example shows how to copy the running configuration file named switch2-confg to the netadmin1 directory on the remote host with the Cisco IOS File System, Configuration Files, and Software ...2 Step 3 Step 4 Step 5 Step 6 Step 7 Command Purpose Verify that the FTP server is required only if you override the default remote username or password (see Steps 4, 5, and 6). Log into the switch through the console port or a Telnet session. Working with Configuration Files Appendix B ...
...filename] or copy nvram:startup-config ftp:[[[//[username[:password]@]location]/directory] /filename] This example shows how to copy the running configuration file named switch2-confg to the netadmin1 directory on the remote host with the Cisco IOS File System, Configuration Files, and Software ...2 Step 3 Step 4 Step 5 Step 6 Step 7 Command Purpose Verify that the FTP server is required only if you override the default remote username or password (see Steps 4, 5, and 6). Log into the switch through the console port or a Telnet session. Working with Configuration Files Appendix B ...
Software Guide
Page 674
... follow Steps 1 through 7 to view the valid username. Enter global configuration mode. Working with Software Images Appendix B Working with the Cisco IOS File System, Configuration Files, and Software Images • If you are accessing the switch through the console port or a Telnet session...by referring to the "Preparing to privileged EXEC mode. For more information, see Steps 4, 5, and 6). (Optional) Change the default remote username. (Optional) Change the default password. To keep the current image. B-30 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
... follow Steps 1 through 7 to view the valid username. Enter global configuration mode. Working with Software Images Appendix B Working with the Cisco IOS File System, Configuration Files, and Software Images • If you are accessing the switch through the console port or a Telnet session...by referring to the "Preparing to privileged EXEC mode. For more information, see Steps 4, 5, and 6). (Optional) Change the default remote username. (Optional) Change the default password. To keep the current image. B-30 Catalyst 2960 Switch Software Configuration Guide OL-8603-04
Software Guide
Page 676
...terminal Enter global configuration mode. Directory and image names are removed. ip ftp password password (Optional) Change the default password. end Return to the FTP server. • For //username:password, specify the username and password. If you kept the old image during the download process (you specified ...Use the upload feature only if the web management pages associated with the embedded device manager have been installed with the Cisco IOS File System, Configuration Files, and Software Images The algorithm installs the downloaded image onto the system board flash device ...
...terminal Enter global configuration mode. Directory and image names are removed. ip ftp password password (Optional) Change the default password. end Return to the FTP server. • For //username:password, specify the username and password. If you kept the old image during the download process (you specified ...Use the upload feature only if the web management pages associated with the embedded device manager have been installed with the Cisco IOS File System, Configuration Files, and Software Images The algorithm installs the downloaded image onto the system board flash device ...