S.

Rohithkumar

22BHI10081

COMPUTER NETWORK
LAB WORK

KEERTI VIJAY ANANTH 22BHI10189

 Performing an Initial Switch Configuration

Objectives

• Perform an initial configuration of a Cisco Catalyst 2960 switch.

Background / Preparation

In this activity, you will configure these settings on the customer Cisco Catalyst 2960 switch:

• Host name

• Console password

• vty password

• Privileged EXEC mode password

• Privileged EXEC mode secret

• IP address on VLAN1 interface

• Default gateway

Note: Not all commands are graded by Packet Tracer.

Reflection

a. What is the significance of assigning the IP address to the VLAN1 interface instead of any
of the Fast Ethernet interfaces?

Assigning the IP address to the VLAN1 interface instead of any of the Fast Ethernet interfaces is
significant because the VLAN1 interface represents the management interface for the switch.
This allows for remote management and configuration of the switch independently of the
 physical ports, providing a centralized point for network administration and ensuring that the IP
address is not tied to a specific physical interface, which could change or be reconfigured.

b. What command is necessary to enforce password authentication on the console and vty
lines?

c. How many gigabit ports are available on the Cisco Catalyst 2960 switch that you used in
the activity?

The Cisco Catalyst 2960 switch typically has 2 gigabit ports.

Performing an Initial Router Configuration

Objectives

• Configure the router host name.

• Configure passwords.

• Configure banner messages.

• Verify the router configuration.

Reflection
 a. Which Cisco IOS CLI commands did you use most?

The most commonly used Cisco IOS CLI commands are:

1. Configuration commands:

• configure terminal` (or `conf t`): Enter global configuration mode.

• interface <type> <number>: Enter interface configuration mode.
• ip address <address> <subnet mask>: Assign an IP address to an interface. no
shutdown: Enable an interface.
2. Verification and monitoring commands:

• show running-config (or `show run`): Display the current configuration.

• show ip interface brief: Display a summary of IP information for all interfaces.
• show interfaces: Display detailed information about interfaces. show vlan
brief: Display VLAN information.

3. Security commands:

• enable secret <password>: Set the enable (privileged EXEC) password.

• line console 0 and line vty 0 4: Enter line configuration mode for console and vty lines.
• password <password> and login: Set and enforce password authentication.

4. VLAN commands:

• vlan <number>: Create and configure a VLAN.

• name <vlan_name>: Assign a name to a VLAN.
 • interface vlan <number>: Enter VLAN interface configuration mode.

5. Save configuration:

• write memory(or copy running-config startup-config): Save the current configuration to

NVRAM.

b. How can you make the customer router passwords more secure?
To make router passwords more secure, you can:

• Use Strong Passwords: Employ complex passwords with a mix of letters, numbers,
and special characters.
• Enable Password Encryption: Use the `service password-encryption` command to
encrypt plaintext passwords in the configuration file.
• Set Privileged EXEC Password: Use the `enable secret <password>` command for an
encrypted enable password.
• Use Access Control: Restrict access to the router using Access Control Lists (ACLs).
• Implement SSH for Remote Access: Disable Telnet and enable SSH for secure remote
management.
• Regularly Update Passwords: Change passwords periodically and after personnel
changes.
• Limit Login Attempts: Configure login attempt limits with the `login block-for`
command to prevent brute force attacks.