1.設定switch 名稱-以下為設定成"sw2960"為例
Switch(config)#hostname sw2960
sw2960(config)#
2.設定enable密碼-沒設定的話遠端登入沒辦法執行高權,以下為直接設定密碼在設定檔中不為明碼 密碼設定為"cisco"
這組會蓋過你如果有設定enable password 自定密碼
sw2960(config)#enable secret cisco
sw2960(config)#
3.設定所有密碼設定值不顯示明碼
sw2960(config)#service ?
dhcp Enable DHCP server and relay agent
password-encryption Encrypt system passwords
timestamps Timestamp debug/log messages
sw2960(config)#service password-encryption 設定了要把密碼記好不然sh run是看不到明碼的
sw2960(config)#
4.設定console密碼
sw2960(config)#line console 0
sw2960(config-line)#password cisco 設定密碼cisco
sw2960(config-line)#login
sw2960(config-line)#exec-timeout 0 閒置登出的時間不限制
sw2960(config-line)#logging synchronous
5.設定遠端連線直接設定ssh 此例子設定不可走telnet連線
sw2960(config)#ip domain-name test.com
sw2960(config)#crypto key generate rsa
The name for the keys will be: sw2960.test.com
Choose the size of the key modulus in the range of 360 to 2048 for your
General Purpose Keys. Choosing a key modulus greater than 512 may take
a few minutes.
How many bits in the modulus [512]: 2048
% Generating 2048 bit RSA keys, keys will be non-exportable...[OK]
sw2960(config)#username admin password cisco 設定ssh帳號"admin" 密碼"cisco"
sw2960(config)#ip ssh version 2
sw2960(config)#line vty 0 15
sw2960(config-line)#login local
sw2960(config-line)#transport input ssh
sw2960(config-line)#logging synchronous
6.關閉 DNS查詢
sw2960(config)#no ip domain lookup
7.建立vlan 20 將fa0/1 port打上vlan20
sw2960(config)#int vlan20
sw2960(config-if)#ip address 192.168.20.254 255.255.255.0 ip自定
sw2960(config)#int fa0/1
sw2960(config-if)#switchport mode access
sw2960(config-if)#switchport access vlan 20
% Access VLAN does not exist. Creating vlan 20
sw2960(config-if)#
%LINK-5-CHANGED: Interface Vlan20, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan20, changed state to up
sw2960(config-if)#exit
sw2960(config)#int fa0/1
sw2960(config-if)#no shutdown
8.恢復原始設定
test#write erase
Erasing the nvram filesystem will remove all configuration files! Continue? [confirm]y[OK]
Erase of nvram: complete
%SYS-7-NV_BLOCK_INIT: Initialized the geometry of nvram
test#reload
System configuration has been modified. Save? [yes/no]:y
留言列表
