Switched Networks

Workshop C : Managing the tunisian Post Network

Fascicle 1: Basic Switch Configuration

Context
Following a reorganization of the premises of the ‘Southern region » site (Zone ZD), you, as the
network administrator of the « Tunisian Network », have been asked to set up and configure the
network equipment of a new office in order to ensure its integration into the network.
To do this, you need to deploy a new switch in the ZD network zone to ensure the
interconnection between the workstations in this new office.
Objective
At the end of this work, by completing the required tasks, you will be able to:
 Do the basic configuration of the newly added switch
 Configure the port security of the switch to avoid any intrusion.

Tasks to do
For this first part of the workshop, you will be asked to perform the necessary manipulations on
the ZD zone to accomplish the following tasks:
 Add a new switch
 Adding two workstations
 Cabling these new network devices (and their connections to the rest of the network)
 Basic configuration of the switch
 Configuring security access to the switch ports

2021-2021 1
Switched NetworksWorkshop C

Part 1: Configuration of basic switch setings

In this section, you will check the default settings of the switch and apply the basic configuration.
1- Start by adding a switch (type 2960) in the ZD zone and interconnect it properly to the
ZD-switch1 via port F0/10.
Call the new switch ZD-your_team_name on the topology.

2- Then add two workstations ZD-PC4 and ZD-PC5 and connect them to the new switch on
ports F0/1 and F0/2 respectively. Configure the two workstations with an appropriate IP
address.
NB: Remember to check the range of the local network in the ZD zone.

3- Before starting any configuration, you want to check the number of interfaces available
on the switch and other settings. To do this, you need to check the current configuration
file.

How many FastEthernet interfaces does the switch have?

How many Gigabit Ethernet interfaces does the switch have?
What version of Cisco IOS is the switch running?

Compare the current configuration file with the initial configuration file.

4- Then, as a basic configuration, configure using cisco commands:

a. The device name: ZD-Switch5
b. An encrypted password for the privileged EXEC mode: pwdpriv
c. Disable undesirable DNS lookup
d. A banner MOTD message « Authorized users are: “your full names” »
e. A password for console line access: pwdconsole
f. A password for remote access via VTY lines: pwdvty
g. Encrypt the different passwords to increase security level.
h. The address of the default gateway
NB: Check the IP address of your ZD router for this configuration.

Apply the necessary commands to achieve these different configurations.

Then apply the necessary command to save all the configurations.

5- Now you want to complete the configuration of the switch from your office (ZD-PC2).
Thus, you need to configure an IP address before going into remote mode (Telnet mode).

Configure the SVI interface (VLAN1 interface) of the switch with the IP address
10.150.10.253/24

6- Test connectivity to one of the added workstations.

2
Switched NetworksWorkshop C

7- Once the IP address configuration is done, you are sitting quietly in your office (ZD-PC2)
to access the ZD-Switch5 remotely.

Test a Telnet connection from the ZD-PC2 workstation.

Part 2: Manage Switch MAC Address Table
You want now to manipulate the MAC address table of ZD-Switch5 to add a static MAC address
on one of its interfaces.
1- Test the connectivity between ZD-PC4 and ZD-Switch5.

2- Display the MAC address table of the ZD-Switch5.

3- You want to delete the content of the switch MAC address table to include a static entry.
a- Apply the necessary command to clear the MAC address table.
b- Configure a static entry on the SVI interface (VLAN 1 interface).
Which command did you use?

NB: You must use the MAC address of ZD-PC4. To get it, you can use the command
ipconfig /all in the command prompt of the workstation.

4- Delete this static input to favor self-learning.

Which command did you use?
Part 3 : Switch port security management
To secure ports access of the device ZD-Switch5, you must make the following configurations:
1- Disable all unused physical ports to prevent unauthorized access.
a. Start by running the necessary command to check the status of each interface to
determine which are the unused interfaces to disable.

Which command did you use to check the status of the physical interfaces?

b. Disable the appropriate ports.

NB: For disabling, you can use the interface-range command to make it easier.

2- You now want to restrict access to port F0/1 only for PC ZD-PC4 currently connected to
this port. You have decided to configure the port security statically so that the port is
disabled in the case of a violation.

a. Start by getting the MAC address of the ZD-PC4 workstation.

NB: To do this, you can use the command ipconfig /all at the workstation command
prompt.

3
Switched NetworksWorkshop C

b. Make the necessary configuration for a static port security with the MAC address of
ZD-PC4.
c. Check the port security configuration of the F0/1 interface of ZD-Switch5.
Which command did you use?

d. Test the connectivity between the ZD-Switch5 and the ZD-PC4 workstation. Was the
ping successful? Why or why not?

e. To test the behavior of the switch in the case of a violation, you have decided to
connect the ZD-PC5 workstation on the F0/1 interface.

Make the necessary cabling changes for verification and test the connectivity by sending a
Ping between the SVI of ZD-Switch5 and the ZD-PC5 workstation. Was the ping
successful? Why?
If there is a problem, recheck the security of the ZD-Switch5 F0/1 interface. Interpret the
result.

Good Work 