Scribd
Upload
81 views14 pages

CCNA 2 v5.0 Routing and Switching: Home CCNA v6.0 CCNA Security V2 IT-Essentials

The document provides configuration commands to secure a switch. It sets the hostname, enables login banners and passwords, configures SSH and remote access, enables port security on interfaces, and shuts down unused ports. The commands are presented with instructions to check specific settings like IP addresses based on the network details. Comments are added to indicate where instructions should be referenced.

Uploaded by

Carlos Castillo Palma
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
81 views14 pages

CCNA 2 v5.0 Routing and Switching: Home CCNA v6.0 CCNA Security V2 IT-Essentials

The document provides configuration commands to secure a switch. It sets the hostname, enables login banners and passwords, configures SSH and remote access, enables port security on interfaces, and shuts down unused ports. The commands are presented with instructions to check specific settings like IP addresses based on the network details. Comments are added to indicate where instructions should be referenced.

Uploaded by

Carlos Castillo Palma
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 14

48

Shares HOME CCNA v6.0 CCNA Security V2 IT-Essentials Sign In Register

CCNA 2 v5.0 Routing and Switching


46

Custom Search

Search

CCNA6
LikePage

A
e
scd
C
h
o
i

FinalExam

PracticeExam
CCNA 2 v5 RSE Chapter 2 Practice Skill Assessment PT
CONFIGURATION
Switch(config)#hostnameSW1

SW1(config)#bannermotd#WARNING!!!UnauthorizedAccessProhibited#

SW1(config)#lineconsole0

SW1(configline)#passwordcisco

SW1(configline)#login

SW1(configline)#exit

SW1(config)#enablesecretclass

SW1(config)#servicepasswordencryption

SW1(config)#interfacevlan1

SW1(configif)#ipaddress10.10.10.100255.255.255.0

SW1(configif)#noshutdown

SW1(configif)#exit

SW1(config)#ipdomainnamecisco.com

SW1(config)#cryptokeygeneratersa

Thenameforthekeyswillbe:SW1.cisco.com

Choosethesizeofthekeymodulusintherangeof360to2048foryour
GeneralPurposeKeys.
Choosingakeymodulusgreaterthan512maytake
afewminutes.

Howmanybitsinthemodulus[512]:1024
%
Generating1024bitRSAkeys,keyswillbenonexportable...[OK]

SW1(config)
SW1(config)#ipsshversion2

SW1(config)#usernameadminpasswordccna

SW1(config)#linevty015

SW1(configline)#loginlocal

SW1(configline)#transportinputssh

SW1(configline)#exit

SW1(configif)#intfa0/1
SW1(configif)#noshutdown

SW1(config)#intrangefa0/224

SW1(configifrange)#shutdown

SW1(configifrange)#intg1/2

SW1(configif)#shutdown

SW1(config)#intrangefa0/124

SW1(configifrange)#switchportmodeaccess

SW1(configifrange)#switchportportsecurity

SW1(configifrange)#switchportportsecuritymacaddresssticky

SW1(configifrange)#switchportportsecuritymaximum2
===================================

UPDATED ANSWERS version 1

Switch(config)#hostname

(config)#banner motd ##

(config)#line console 0

(config-line)#password cisco

(config-line)#login

(config-line)#exit

(config)#enable secret class

(config)#service password-encryption

(config)#interface vlan1

(config-if)#ip address 255.255.255.0


(config-if)#ip default-gateway

(config-if)#no shutdown

(config-if)#exit

(config)#ip domain-name cisco.com

(config)#crypto key generate rsa

The name for the keys will be: .cisco.com

Choose the size of the key modulus in the range of 360 to 2048 for your
General Purpose Keys.
Choosing a key modulus greater than 512 may take
a few minutes.

How many bits in the modulus [512]: 1024


%
Generating 1024 bit RSA keys, keys will be non-exportable[OK]

(config)
(config)#ip ssh version 2

(config)#username admin secret ccna

(config)#line vty 0 15
(config)#line vty 0 15

(config-line)#login local

(config-line)#transport input ssh

(config-line)#exit

(config-if)#int fa0/1

(config-if)#no shutdown

(config)#int range fa0/2-24

(config-if-range)#shutdown

(config-if-range)#int g0/2

(config-if)#shutdown

(config)#int range fa0/1-24

(config-if-range)#switchport mode access

(config-if-range)#switchport port-security

(config-if-range)#switchport port-security mac-address sticky

(config-if-range)#switchport port-security maximum 2

(config-if-range)# switchport port-security violation shutdown

(config)#int range g0/1-2

(config-if-range)#switchport mode access

(config-if-range)#switchport port-security

(config-if-range)#switchport port-security mac-address sticky

(config-if-range)#switchport port-security maximum 2

(config-if-range)# switchport port-security violation shutdown

===================================

UPDATED ANSWERS version 2

Switch(config)#hostname

(config)#banner motd ##

(config)#line console 0

(config-line)#password cisco

(config-line)#login

(config-line)#exit

(config)#enable secret class

(config)#service password-encryption

(config)#interface vlan1

(config-if)#ip address 255.255.255.0


(config-if)#ip default-gateway

(config-if)#no shutdown

(config-if)#exit

(config)#ip domain-name cisco.com

(config)#crypto key generate rsa

The name for the keys will be: .cisco.com

Choose the size of the key modulus in the range of 360 to 2048 for your
Choose the size of the key modulus in the range of 360 to 2048 for your
General Purpose Keys.
Choosing a key modulus greater than 512 may take
a few minutes.

How many bits in the modulus [512]: 1024


%
Generating 1024 bit RSA keys, keys will be non-exportable[OK]

(config)
(config)#ip ssh version 2

(config)#username admin secret ccna

(config)#line vty 0 15

(config-line)#login local

(config-line)#transport input ssh

(config-line)#exit

(config-if)#int fa0/1

(config-if)#no shutdown

(config)#int range fa0/2-24

(config-if-range)#shutdown

(config-if-range)#int g0/2

(config-if)#shutdown

(config)#int range fa0/1-24

(config-if-range)#switchport mode access

(config-if-range)#switchport port-security

(config-if-range)#switchport port-security mac-address sticky

(config-if-range)#switchport port-security maximum 2

(config-if-range)# switchport port-security violation shutdown

(config)#int range g0/1-2

(config-if-range)#switchport mode access

(config-if-range)#switchport port-security

(config-if-range)#switchport port-security mac-address sticky

(config-if-range)#switchport port-security maximum 2

(config-if-range)# switchport port-security violation shutdown

===================================

Sorry for the inconvenience. The form blocks angle brackets

UPDATED ANSWERS version 3

Switch(config)#hostname [check hostname instructions]

[CHECK HOSTNAME ON INSTRUCTIONS](config)#banner motd #[any]#

[CHECK HOSTNAME ON INSTRUCTIONS](config)#line console 0

[CHECK HOSTNAME ON INSTRUCTIONS](config-line)#password cisco

[CHECK HOSTNAME ON INSTRUCTIONS](config-line)#login

[CHECK HOSTNAME ON INSTRUCTIONS](config-line)#exit

[CHECK HOSTNAME ON INSTRUCTIONS](config)#enable secret class


[CHECK HOSTNAME ON INSTRUCTIONS](config)#service password-encryption

[CHECK HOSTNAME ON INSTRUCTIONS](config)#interface vlan1

[CHECK HOSTNAME ON INSTRUCTIONS](config-if)#ip address [check IP] 255.255.255.0


[CHECK HOSTNAME ON INSTRUCTIONS](config-if)#ip default-gateway [ip address of
router port to Switch]

[CHECK HOSTNAME ON INSTRUCTIONS](config-if)#no shutdown

[CHECK HOSTNAME ON INSTRUCTIONS](config-if)#exit

[CHECK HOSTNAME ON INSTRUCTIONS](config)#ip domain-name cisco.com

[CHECK HOSTNAME ON INSTRUCTIONS](config)#crypto key generate rsa

The name for the keys will be: [CHECK HOSTNAME ON INSTRUCTIONS].cisco.com

Choose the size of the key modulus in the range of 360 to 2048 for your
General Purpose Keys.
Choosing a key modulus greater than 512 may take
a few minutes.

How many bits in the modulus [512]: 1024


%
Generating 1024 bit RSA keys, keys will be non-exportable[OK]

[CHECK HOSTNAME ON INSTRUCTIONS](config)


[CHECK HOSTNAME ON INSTRUCTIONS](config)#ip ssh version 2

[CHECK HOSTNAME ON INSTRUCTIONS](config)#username admin secret ccna

[CHECK HOSTNAME ON INSTRUCTIONS](config)#line vty 0 15

[CHECK HOSTNAME ON INSTRUCTIONS](config-line)#login local

[CHECK HOSTNAME ON INSTRUCTIONS](config-line)#transport input ssh

[CHECK HOSTNAME ON INSTRUCTIONS](config-line)#exit

[CHECK HOSTNAME ON INSTRUCTIONS](config-if)#int fa0/1

[CHECK HOSTNAME ON INSTRUCTIONS](config-if)#no shutdown

[CHECK HOSTNAME ON INSTRUCTIONS](config)#int range fa0/2-24

[CHECK HOSTNAME ON INSTRUCTIONS](config-if-range)#shutdown

[CHECK HOSTNAME ON INSTRUCTIONS](config-if-range)#int g0/2

[CHECK HOSTNAME ON INSTRUCTIONS](config-if)#shutdown

[CHECK HOSTNAME ON INSTRUCTIONS](config)#int range fa0/1-24

[CHECK HOSTNAME ON INSTRUCTIONS](config-if-range)#switchport mode access

[CHECK HOSTNAME ON INSTRUCTIONS](config-if-range)#switchport port-security

[CHECK HOSTNAME ON INSTRUCTIONS](config-if-range)#switchport port-security mac-


address sticky

[CHECK HOSTNAME ON INSTRUCTIONS](config-if-range)#switchport port-security


maximum 2

[CHECK HOSTNAME ON INSTRUCTIONS](config-if-range)# switchport port-security


violation shutdown

[CHECK HOSTNAME ON INSTRUCTIONS](config)#int range g0/1-2

[CHECK HOSTNAME ON INSTRUCTIONS](config-if-range)#switchport mode access

[CHECK HOSTNAME ON INSTRUCTIONS](config-if-range)#switchport port-security

[CHECK HOSTNAME ON INSTRUCTIONS](config-if-range)#switchport port-security mac-


address sticky
[CHECK HOSTNAME ON INSTRUCTIONS](config-if-range)#switchport port-security
maximum 2

[CHECK HOSTNAME ON INSTRUCTIONS](config-if-range)# switchport port-security


violation shutdown

CCNA2RSE CCNA2v5.0 CCNA2Chapter4 CCNA2Chapter7


PracticeSkills... Routingand... v5Exam... v5Exam...

CCNA2Chapter5 CCNA2Chapter CCNA2Chapter2 CCNA2RSE


v5Exam... 10v5Exam... v5Exam... Chapter6...

8 August 11, 2014 by CCNA5.NET in answers assessment ccna 2


ccna skill assessment Practice
CCNA 2 v5.0 Routing and Switching,
CCNA v5.0 Final Exams Packet Tracer

Comments

CAT November 19, 2014 Reply

Forgot ip default-gateway after entering vlan1s ip address

MrC December 3, 2014 Reply

Also int g1/2 should be int g0/2 obvious

AA December 12, 2014 Reply

Thank CAT, thats right.


and the

switchport port-security violation protect for the last part

Vgt February 15, 2015 Reply

the power from fa0/1-24 must be on

CiscoSaver February 22, 2015 Reply

UPDATED ANSWERS

Switch(config)#hostname

(config)#banner motd ##

(config)#line console 0

(config-line)#password cisco

(config-line)#login
(config-line)#login

(config-line)#exit

(config)#enable secret class

(config)#service password-encryption

(config)#interface vlan1

(config-if)#ip address 255.255.255.0


(config-if)#ip default-gateway

(config-if)#no shutdown

(config-if)#exit

(config)#ip domain-name cisco.com

(config)#crypto key generate rsa

The name for the keys will be: .cisco.com

Choose the size of the key modulus in the range of 360 to 2048 for your
General Purpose Keys.
Choosing a key modulus greater than 512 may take
a few minutes.

How many bits in the modulus [512]: 1024


%
Generating 1024 bit RSA keys, keys will be non-exportable[OK]

(config)
(config)#ip ssh version 2

(config)#username admin secret ccna

(config)#line vty 0 15

(config-line)#login local

(config-line)#transport input ssh

(config-line)#exit

(config-if)#int fa0/1

(config-if)#no shutdown

(config)#int range fa0/2-24

(config-if-range)#shutdown

(config-if-range)#int g0/2

(config-if)#shutdown

(config)#int range fa0/1-24

(config-if-range)#switchport mode access

(config-if-range)#switchport port-security

(config-if-range)#switchport port-security mac-address sticky

(config-if-range)#switchport port-security maximum 2

(config-if-range)# switchport port-security violation shutdown

(config)#int range g0/1-2

(config-if-range)#switchport mode access

(config-if-range)#switchport port-security
(config-if-range)#switchport port-security

(config-if-range)#switchport port-security mac-address sticky

(config-if-range)#switchport port-security maximum 2

(config-if-range)# switchport port-security violation shutdown

CiscoSaver February 22, 2015 Reply

UPDATED ANSWERS version 2

Switch(config)#hostname

(config)#banner motd ##

(config)#line console 0

(config-line)#password cisco

(config-line)#login

(config-line)#exit

(config)#enable secret class

(config)#service password-encryption

(config)#interface vlan1

(config-if)#ip address 255.255.255.0


(config-if)#ip default-gateway

(config-if)#no shutdown

(config-if)#exit

(config)#ip domain-name cisco.com

(config)#crypto key generate rsa

The name for the keys will be: .cisco.com

Choose the size of the key modulus in the range of 360 to 2048 for your
General Purpose Keys.
Choosing a key modulus greater than 512 may take
a few minutes.

How many bits in the modulus [512]: 1024


%
Generating 1024 bit RSA keys, keys will be non-exportable[OK]

(config)
(config)#ip ssh version 2

(config)#username admin secret ccna

(config)#line vty 0 15

(config-line)#login local

(config-line)#transport input ssh

(config-line)#exit

(config-if)#int fa0/1

(config-if)#no shutdown

(config)#int range fa0/2-24

(config-if-range)#shutdown
(config-if-range)#int g0/2

(config-if)#shutdown

(config)#int range fa0/1-24

(config-if-range)#switchport mode access

(config-if-range)#switchport port-security

(config-if-range)#switchport port-security mac-address sticky

(config-if-range)#switchport port-security maximum 2

(config-if-range)# switchport port-security violation shutdown

(config)#int range g0/1-2

(config-if-range)#switchport mode access

(config-if-range)#switchport port-security

(config-if-range)#switchport port-security mac-address sticky

(config-if-range)#switchport port-security maximum 2

(config-if-range)# switchport port-security violation shutdown

CiscoSaver February 22, 2015 Reply

Sorry for the inconvenience. The form blocks angle brackets

UPDATED ANSWERS version 3

Switch(config)#hostname [check hostname instructions]

[CHECK HOSTNAME ON INSTRUCTIONS](config)#banner motd #[any]#

[CHECK HOSTNAME ON INSTRUCTIONS](config)#line console 0

[CHECK HOSTNAME ON INSTRUCTIONS](config-line)#password cisco

[CHECK HOSTNAME ON INSTRUCTIONS](config-line)#login

[CHECK HOSTNAME ON INSTRUCTIONS](config-line)#exit

[CHECK HOSTNAME ON INSTRUCTIONS](config)#enable secret class

[CHECK HOSTNAME ON INSTRUCTIONS](config)#service password-encryption

[CHECK HOSTNAME ON INSTRUCTIONS](config)#interface vlan1

[CHECK HOSTNAME ON INSTRUCTIONS](config-if)#ip address [check IP]


255.255.255.0
[CHECK HOSTNAME ON INSTRUCTIONS](config-if)#ip default-gateway [ip
address of router port to Switch]

[CHECK HOSTNAME ON INSTRUCTIONS](config-if)#no shutdown

[CHECK HOSTNAME ON INSTRUCTIONS](config-if)#exit

[CHECK HOSTNAME ON INSTRUCTIONS](config)#ip domain-name cisco.com

[CHECK HOSTNAME ON INSTRUCTIONS](config)#crypto key generate rsa

The name for the keys will be: [CHECK HOSTNAME ON


INSTRUCTIONS].cisco.com

Choose the size of the key modulus in the range of 360 to 2048 for your
General Purpose Keys.
Choosing a key modulus greater than 512 may take
a few minutes.
Choosing a key modulus greater than 512 may take
a few minutes.

How many bits in the modulus [512]: 1024


%
Generating 1024 bit RSA keys, keys will be non-exportable[OK]

[CHECK HOSTNAME ON INSTRUCTIONS](config)


[CHECK HOSTNAME ON INSTRUCTIONS](config)#ip ssh version 2

[CHECK HOSTNAME ON INSTRUCTIONS](config)#username admin secret ccna

[CHECK HOSTNAME ON INSTRUCTIONS](config)#line vty 0 15

[CHECK HOSTNAME ON INSTRUCTIONS](config-line)#login local

[CHECK HOSTNAME ON INSTRUCTIONS](config-line)#transport input ssh

[CHECK HOSTNAME ON INSTRUCTIONS](config-line)#exit

[CHECK HOSTNAME ON INSTRUCTIONS](config-if)#int fa0/1

[CHECK HOSTNAME ON INSTRUCTIONS](config-if)#no shutdown

[CHECK HOSTNAME ON INSTRUCTIONS](config)#int range fa0/2-24

[CHECK HOSTNAME ON INSTRUCTIONS](config-if-range)#shutdown

[CHECK HOSTNAME ON INSTRUCTIONS](config-if-range)#int g0/2

[CHECK HOSTNAME ON INSTRUCTIONS](config-if)#shutdown

[CHECK HOSTNAME ON INSTRUCTIONS](config)#int range fa0/1-24

[CHECK HOSTNAME ON INSTRUCTIONS](config-if-range)#switchport mode


access

[CHECK HOSTNAME ON INSTRUCTIONS](config-if-range)#switchport port-


security

[CHECK HOSTNAME ON INSTRUCTIONS](config-if-range)#switchport port-


security mac-address sticky

[CHECK HOSTNAME ON INSTRUCTIONS](config-if-range)#switchport port-


security maximum 2

[CHECK HOSTNAME ON INSTRUCTIONS](config-if-range)# switchport port-


security violation shutdown

[CHECK HOSTNAME ON INSTRUCTIONS](config)#int range g0/1-2

[CHECK HOSTNAME ON INSTRUCTIONS](config-if-range)#switchport mode


access

[CHECK HOSTNAME ON INSTRUCTIONS](config-if-range)#switchport port-


security

[CHECK HOSTNAME ON INSTRUCTIONS](config-if-range)#switchport port-


security mac-address sticky

[CHECK HOSTNAME ON INSTRUCTIONS](config-if-range)#switchport port-


security maximum 2

[CHECK HOSTNAME ON INSTRUCTIONS](config-if-range)# switchport port-


security violation shutdown

James March 26, 2015 Reply

Please add url of this post to the index, because there isnt.
Comment

Name

Email

six = twelve

Add Comment

CCNA5.NET => HOME CCNA v6.0 CCNA Security V2 IT-Essentials

You might also like