Part 2

Implementing Ethernet
LANs

12/25/2024 Eng.Omar Abdirahin Khalif 1

Chapter 4: Using the Command-Line
Interface
Accessing the Cisco Catalyst Switch CLI
(Command Line Interface):
Cisco uses the concept of a command-line interface (CLI)
with its Switch and Router.
The CLI is a text-based interface in which the user, typically
a network engineer, enters a text command and presses
Enter.
Pressing Enter sends the command to the Switch,Router
which tells the device to do something.
. 12/25/2024 Eng.Omar Abdirahin Khalif 2
Chapter 4: Using the Command-Line
Interface
Cisco Catalyst Switches

12/25/2024 Eng.Omar Abdirahin Khalif 3

Chapter 4: Using the Command-Line
Interface
Cisco Catalyst Switches
3550

12/25/2024 Eng.Omar Abdirahin Khalif 4

Chapter 4: Using the Command-Line
Interface
Accessing the Cisco IOS CLI
Like any other of computer hardware, Cisco
Switch and Router need operating system
software.
Cisco Operating system called: Internetwork
Operating System (IOS).

12/25/2024 Eng.Omar Abdirahin Khalif 5

Chapter 4: Using the Command-Line
Interface
Accessing the Cisco IOS CLI
The switch CLI can be accessed through three
popular methods:-
The console cable
Telnet
Secure Shell (SSH).

12/25/2024 Eng.Omar Abdirahin Khalif 6

Chapter 4: Using the Command-Line
Interface
Accessing the Cisco IOS CLI
The console cable:
The console cable use to configure cisco switch
and router and allow to access them.

12/25/2024 Eng.Omar Abdirahin Khalif 7

Chapter 4: Using the Command-Line
Interface
Accessing the Cisco IOS CLI
Telnet
Secure Shell (SSH).
Two methods use: the IP network in
which the switch resides to reach the switch.

12/25/2024 Eng.Omar Abdirahin Khalif 8

Chapter 4: Using the Command-Line
Interface
Cabling the Console Connection

12/25/2024 Eng.Omar Abdirahin Khalif 9

Chapter 4: Using the Command-Line
Interface
Cisco IOS Modes
When enter cisco switch and router
you see following modes:-
1)User Mode
2)Privilege Mode
3)Global Configuration Mode

12/25/2024 Eng.Omar Abdirahin Khalif 10

Chapter 4: Using the Command-Line
Interface
Cisco IOS Modes
1)User Mode
In this mode show this promt:
switch>
2)Privilege Mode
Switch#
3)Global Configuration Mode
Switch(config)#
12/25/2024 Eng.Omar Abdirahin Khalif 11
Chapter 4: Using the Command-Line
Interface
Cisco IOS Modes
1)User Mode
In this mode you can do limited
commands.
2)Privilege Mode
In this mode you can do more commands
3)Global Configuration Mode
In this mode you can do entire cisco IOS.
12/25/2024 Eng.Omar Abdirahin Khalif 12
Chapter 4: Using the Command-Line
Interface
Building small network
Use this topology diagram:
.10 .1 .1 .10

192.168.10.0/24 192.168.20.0/24

192.168.10.20
12/25/2024 Eng.Omar Abdirahin Khalif
192.168.20.20/24 13
Chapter 4: Using the Command-Line
Interface
Task 1 – Learning how to navigate:
User mode, privileged and global
configuration mode:
Switch> this mode call user mode.
Switch>enable type enable command press enter
this mode shows
Switch# this mode call Privileged mode
Switch#configure terminal type configure terminal
command press enter this mode shows
12/25/2024 Eng.Omar Abdirahin Khalif 14
Chapter 4: Using the Command-Line
Interface
Task 1 – Learning how to navigate:
User mode, privileged and global
configuration mode:
Switch(config)# this mode call global configuration
mode.
Exit command use to back.
Disable command use to back into user
mode.
12/25/2024 Eng.Omar Abdirahin Khalif 15
Chapter 4: Using the Command-Line
Interface
Task 2 – Changing the hostname of
switch and router.
One of the first tasks during initial device
configuration is changing the hostname of the
device.
Each device on your network should have a unique
hostname.

12/25/2024 Eng.Omar Abdirahin Khalif 16

Chapter 4: Using the Command-Line
Interface
Task 2 – Changing the hostname of
switch and router.
The following are some guidelines for configuring a
hostname on a Cisco IOS device:-
Ensure there are no spaces in the actual
hostname. The hostname should not be longer than
64 characters.
Start with a letter.
Hostnames can end with a letter or number.
12/25/2024 Eng.Omar Abdirahin Khalif 17
Chapter 4: Using the Command-Line
Interface
Task 2 – Changing the hostname of
switch and router.
SW1
Switch>enable press enter
Switch#configure terminal press enter
Switch(config)#hostname SW1 press enter
SW1(config)#
12/25/2024 Eng.Omar Abdirahin Khalif 18
Chapter 4: Using the Command-Line
Interface
Task 2 – Changing the hostname of
switch and router.
SW2
Switch>enable press enter
Switch#configure terminal press enter
Switch(config)#hostname SW2 press enter
SW2(config)#
12/25/2024 Eng.Omar Abdirahin Khalif 19
Chapter 4: Using the Command-Line
Interface
Task 2 – Changing the hostname of
switch and router.
R1
Router>enable press enter
Router#configure terminal press enter
Router(config)#hostname R1 press enter
R1(config)#
12/25/2024 Eng.Omar Abdirahin Khalif 20
Chapter 4: Using the Command-Line
Interface
Task 3 – Configuring IP addresses on
Cisco devices:
Before configuring an IP address on an interface,
it's recommended to check both the number and
type of interfaces available on a device.
Router and switches, we can verify the type and
number of interfaces available on the device by
using the show ip interface brief command.
12/25/2024 Eng.Omar Abdirahin Khalif 21
Chapter 4: Using the Command-Line
Interface

12/25/2024 Eng.Omar Abdirahin Khalif 22

Chapter 4: Using the Command-Line
Interface
The show ip interface brief command provides us with a
summary of each interface's status on the device:
The Interface column: tells us the interface's type and port
number on the device.
The IP-Address column: tells us whether the interface has
an IP address or not.
The OK? and Method columns tells us how the IP address
was set on the interface, such as DHCP, unset, and manual.
The Status column tells us the physical (Layer 1) status of
12/25/2024 Eng.Omar Abdirahin Khalif 23
Chapter 4: Using the Command-Line
Interface
The following are a list of interface statuses:
Up: The interface is active and is receiving an
incoming electrical signal on the interface.
Down: The network cable is missing, or the interface
is not receiving an incoming electrical signal.
Administratively down: The device administrator has
manually turned off this interface.
12/25/2024 Eng.Omar Abdirahin Khalif 24
Chapter 4: Using the Command-Line
Interface
The Protocol column determines the Layer 2
status of the interface.
There are two status types: up and down.
The up status tells us that everything is working
fine at Layer 2.
The down status tells us there is an
encapsulation issue on the link.
12/25/2024 Eng.Omar Abdirahin Khalif 25
Chapter 4: Using the Command-Line
Interface
To configure the IP addresses on
the router, use the following
configurations:
Router1
R1>enable
R1#configure terminal
R1(config)#interface FastEthernet0/0
12/25/2024 Eng.Omar Abdirahin Khalif 26
Chapter 4: Using the Command-Line
Interface
R1(config-if)#description Connected to LAN 1 -
192.168.10.0/24 network
R1(config-if)#ip address 192.168.10.1 255.255.255.0
R1(config-if)#no shutdown
R1(config-if)#exit

12/25/2024 Eng.Omar Abdirahin Khalif 27

Chapter 4: Using the Command-Line
Interface
Let's use the show ip interface brief command to
verify that the IP address has been assigned to the
interface and that the interface status is Up/Up.

12/25/2024 Eng.Omar Abdirahin Khalif 28

Chapter 4: Using the Command-Line
Interface
let's configure the interface connected to the
192.168.20.0/24 network.
R1>enable
R1#configure terminal
R1(config)#interface FastEthernet0/1
R1(config-if)#description Connected to LAN 2 -
192.168.20.0/24 network
12/25/2024 Eng.Omar Abdirahin Khalif 29
Chapter 4: Using the Command-Line
Interface
R1(config-if)#ip address 192.168.20.1 255.255.255.0
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#

12/25/2024 Eng.Omar Abdirahin Khalif 30

Chapter 4: Using the Command-Line
Interface
R1#show ip interface brief

12/25/2024 Eng.Omar Abdirahin Khalif 31

Chapter 4: Using the Command-Line
Interface
Furthermore, using the show ip interface
interface-ID command.

12/25/2024 Eng.Omar Abdirahin Khalif 32

Chapter 4: Using the Command-Line
Interface
Use show running-config command to view the
current configuration of the device.

12/25/2024 Eng.Omar Abdirahin Khalif 33

Chapter 4: Using the Command-Line
Interface
Task 4 – Configuring the Switch
Virtual Interface (SVI):
Cisco IOS Layer 2 switches do not allow you to
place an IP address on their physical interfaces.
So, how does a user remotely manage or access a
switch across a network? Within the Cisco IOS of
the Layer 2 switch
12/25/2024 Eng.Omar Abdirahin Khalif 34
Chapter 4: Using the Command-Line
Interface
Task 4 – Configuring the Switch
Virtual Interface (SVI):
you can create a special logical interface that
allows you to set an IP address on the switch for
remote management.
This logical interface is known as a Switch Virtual
Interface (SVI).
12/25/2024 Eng.Omar Abdirahin Khalif 35
Chapter 4: Using the Command-Line
Interface
Task 4 – Configuring the Switch Virtual
Interface (SVI):
Use the following commands to achieve this task:
SW1
SW1(config)#interface vlan 1
SW1(config-if)#ip address 192.168.10.10 255.255.255.0
SW1(config-if)#no shutdown
SW1(config-if)#exit
12/25/2024 Eng.Omar Abdirahin Khalif 36
Chapter 4: Using the Command-Line
Interface
Let's to configure the SVI switch 2 with the
following commands:
SW2
SW2(config)#interface vlan 1
SW2(config-if)#ip address 192.168.20.10 255.255.255.0
SW2(config-if)#no shutdown
SW2(config-if)#exit
SW2(config)#
12/25/2024 Eng.Omar Abdirahin Khalif 37
Chapter 4: Using the Command-Line
Interface
Task 5 – Securing administrative
access
By default, anyone can use a console cable to access
the User Exec mode within the Cisco IOS via the
console port.
If the person is familiar with Cisco IOS syntax, this
may be a security concern.

12/25/2024 Eng.Omar Abdirahin Khalif 38

Chapter 4: Using the Command-Line
Interface
Task 5 – Securing administrative
access
This means that anyone who has a console cable and
physical access to the device will be able to access
various modes and make unauthorized changes to
the device's configurations.

12/25/2024 Eng.Omar Abdirahin Khalif 39

Chapter 4: Using the Command-Line
Interface
Task 5 – Securing administrative
access
To solve this security challenge, the Cisco IOS has
security features that allow the device administrator
to gain secure access to the: console port, Virtual
Terminal (VTY) lines (remote access), and Privilege
Exec mode.

12/25/2024 Eng.Omar Abdirahin Khalif 40

Chapter 4: Using the Command-Line
Interface
To secure access to the console port on all devices, use the
following:
1. Access Global Configuration mode by using the configure
terminal command.
2. To access the console line, use the line console 0 command
and hit Enter.
3. Use the password actual-password command to set a
password under the console port.
4. Use the login command to enable the authentication
feature. Without using login, a person can still access the
12/25/2024 Eng.Omar Abdirahin Khalif 41
Chapter 4: Using the Command-Line
Interface
Console cable password
configuration

12/25/2024 Eng.Omar Abdirahin Khalif 42

Chapter 4: Using the Command-Line
Interface
Privilege mode password
configuration
R1>enable
R1#configure terminal
R1(config)#enable password cisco
R1(config)#login

12/25/2024 Eng.Omar Abdirahin Khalif 43

Chapter 4: Using the Command-Line
Interface
Using the enable password command is an
unsecure method because the password is
plain text.

12/25/2024 Eng.Omar Abdirahin Khalif 44

Chapter 4: Using the Command-Line
Interface
It's not recommended to use enable
password due to this security vulnerability.
However, Cisco has implemented a more
secure method to restrict access to Privilege
mode.
This method uses the enable secret
command.
12/25/2024 Eng.Omar Abdirahin Khalif 45
Chapter 4: Using the Command-Line
Interface
The enable password
configuration
R1#configure terminal
R1(config)#enable pasword cisco456
R1(config)#exit
R1#

12/25/2024 Eng.Omar Abdirahin Khalif 46

Chapter 4: Using the Command-Line
Interface
The enable secret password
configuration
R1#configure terminal
R1(config)#enable secret cisco456
R1(config)#exit
R1#

12/25/2024 Eng.Omar Abdirahin Khalif 47

Chapter 4: Using the Command-Line
Interface
Task 6 – Setting a banner
Banner is a legal notification such as a warning
that's displayed whenever anyone
administratively connects to your network
devices.

12/25/2024 Eng.Omar Abdirahin Khalif 48

Chapter 4: Using the Command-Line
Interface
Task 6 – Setting a banner
Banner is a legal notification such as a warning
that's displayed whenever anyone
administratively connects to your network
devices.
When using the banner command, you need to
insert both opening and closing symbol, such as
(@, #, $, %, ^, &)
12/25/2024 Eng.Omar Abdirahin Khalif 49
Chapter 4: Using the Command-Line
Interface
Banner configuration
R1#configure terminal
R1(config)#banner motd % WAXAA KALIYA GELI
KARA QOFKA KU SHAQO LEH QALABKAN %
R1(config)#

12/25/2024 Eng.Omar Abdirahin Khalif 50

Chapter 4: Using the Command-Line
Interface
Task 7 – Setting up secure remote
access
Remote access allows the administrator to
remotely connect and manage the device while
being at another location.
There are two main methods to remotely access a
Cisco IOS device:-
Telnet
Secure Shell (SSH)
12/25/2024 Eng.Omar Abdirahin Khalif 51
Chapter 4: Using the Command-Line
Interface
Telnet: is an unsecure method used to remotely
access and manage a device as traffic can be
seen in plaintext (unencrypted).
Secure shell (SSH): is the recommended
method for remote access as all SSH traffic is
encrypted by default.

12/25/2024 Eng.Omar Abdirahin Khalif 52

Chapter 4: Using the Command-Line
Interface
Telnet configuration
R1#configure terminal
R1(config)#line vty 0 15
R1(config-line)#password cisco789
R1(config-line)#login
R1(config-line)#exit
R1(config)#
12/25/2024 Eng.Omar Abdirahin Khalif 53
 END CHAPTER 4:
ANY QUESTION

12/25/2024 Eng.Omar Abdirahin Khalif 54