estou postando esses comandos bsicos de configurao de switchs CISCO 2900/2950 com a inteno de ajudar algum usurio ou para

que algum que saiba de outros camandos que no esto listados aqui (sei que so muitos) possam adicion-los neste frum. Espero que po ssa ajudar e ser ajudado.

1- Entrar no modo privilegiado. switch>enable Password:******* switch# 2- Configurar ou alterar a senha do modo privilegiado. switch(config)#enable secret ****** digite a senha switch(config)#exit 3- Configurar um nome para o Switch. switch#configure terminal Enter configuration commands, one per line. End with CNTL/Z. switch(config)#hostname NOME switch(config)#exit switch# 4- Configurar velocidade e modo de comunicao da porta. Switch 2950: switch#config t Enter configuration commands, one per line. End with CNTL/Z. switch(config)#interface fastEthernet 0/1 switch(config-if)#speed 100 switch(config-if)#duplex full 5- Configurar o endereo IP/Mscara/Gateway nos Switchs. switch#configure terminal Enter configuration commands, one per line. End with CNTL/Z. switch(config)#interface vlan 1 switch(config-if)#ip address X.X.X.X Y.Y.Y.Y onde X o endereo IP e Y a mscara de r ede

switch(config-if)#exit switch(config)#ip default-gateway X.X.X.X onde X o endereo IP do default-gateway switch(config)#exit switch#

6- Criar VLANs nos Switchs. switch#vlan database switch(vlan)#vlan 2 name NAME VLAN 2 modified: Name: NAME OU switch#config t Enter configuration commands, one per line. End with CNTL/Z. switch(config)#vlan 2 switch(config-vlan)#name NAME 7- Atribuir portas as VLANs. Portas 3, 4 e 5 switch#config t Enter configuration commands, one per line. End with CNTL/Z. switch(config)#interface fastEthernet 0/3 switch(config-if)#switchport access vlan 2 switch(config-if)#exit switch(config)#interface fastEthernet 0/4 switch(config-if)#switchport access vlan 2 switch(config-if)#exit switch(config)#interface fastEthernet 0/5 switch(config-if)#switchport access vlan 2 switch(config-if)#exit switch(config)#exit switch# VLAN 2

switch#show vlan visualizar VLAN 8- Configurar TRUNK. Switch 2950: switch#config t Enter configuration commands, one per line. End with CNTL/Z. switch(config)#interface fastEthernet 0/1 switch(config-if)#speed 100 switch(config-if)#duplex full switch(config-if)#switchport mode trunk switch(config-if)#exit switch(config)#exit switch#show run OU Switch 2900: switch#config t Enter configuration commands, one per line. End with CNTL/Z. switch(config)#interface fastEthernet 0/1 switch(config-if)#speed 100 switch(config-if)#duplex full switch(config-if)#switchport mode trunk switch(config-if)#switchport trunk encapsulation dot1q switch(config-if)#exit 9 - Configurar Espelhamento de portas para coleta de dados.

Exempl Espelhar as portas 1, 2 e 3 para porta 24. Switch 2950: switch#config t Enter configuration commands, one per line. End with CNTL/Z. switch(config)#monitor session 1 destination interface fastEthernet 0/24 switch(config)#monitor session 1 source interface fastEthernet 0/1 switch(config)#monitor session 1 source interface fastEthernet 0/2

switch(config)#monitor session 1 source interface fastEthernet 0/3 switch(config)#exit OU switch#config t Enter configuration commands, one per line. End with CNTL/Z. switch(config)# interface fastEthernet 0/24 switch(config-if)#port monitor FastEthernet 0/1 switch(config-if)#port monitor FastEthernet 0/2 switch(config-if)#port monitor FastEthernet 0/3 switch(config-if)#exit switch(config)#exit 10 - Copiar arquivo de configurao. switch#config t Enter configuration commands, one per line. End with CNTL/Z. Switch(config)#ip ftp username USURIO Switch(config)#ip ftp password SENHA Switch(config)#end Switch#copy nvram: startup-config ftp: Address or name of remote host []? X.X.X.X onde X o endereo IP do servidor FTP Destination filename [switch-confg]? cisco/nomedoarquivo Writing cisco/nomedoarquivo ! 1462 bytes copied in 3.368 secs (434 bytes/sec) 11 - Configurar relgio do switch. switch# clock set 12:06:00 30 may 2005 12 Configurar modo de exibio do log.

switch#config t Enter configuration commands, one per line. End with CNTL/Z. Switch(config)# service timestamps log datetime 13 Configurar tamanho do log.

switch#config t

Enter configuration commands, one per line. End with CNTL/Z. Switch(config)# logging buffered 8192 14 Configurar servidor de log.

switch#config t Enter configuration commands, one per line. End with CNTL/Z. Switch(config)# logging X.X.X.X onde X o endereo IP do servidor de Logs 15 Criptografar as senhas console e telnet (configure terminal).

switch#config t Enter configuration commands, one per line. End with CNTL/Z. Switch(config)#service password-encryption 16 Configurar Lista de acesso (MAC). habilita a criptografia

switch#config t Enter configuration commands, one per line. End with CNTL/Z. Switch(config)#mac access-list extended TESTE Switch(config-ext-macl)#permit host XXXX.XXXX.XXXX host YYYY.YYYY.YYYY X e Y so os endereos MAC onde

Switch#conf t Enter configuration commands, one per line. End with CNTL/Z. Switch(config)#int fas 0/5 Switch(config-if)# mac access-group TESTE in atribuir lista a interfece

17

Configurar controle de storm de broadcasts

Switch 2950: switch#config t Enter configuration commands, one per line. End with CNTL/Z. switch(config)#interface fastEthernet 0/1 switch(config-if)#storm-control broadcast level N da// //N= % da banda a ser limita

switch(config-if)# storm-control action shutdown //Caso atinja o limite acima porta ficar em shutdown// switch(config-if)#exit

Switch 2900: switch#config t Enter configuration commands, one per line. End with CNTL/Z. switch(config)#interface fastEthernet 0/1 switch(config-if)# port storm-control broadcast threshold rising X falling Y / /Onde rising X o limite superior em pacotes/seg e falling Y o limite inferior p ara a porta retornar ao estado up// switch(config-if)# port storm-control broadcast action shutdown //Caso atinja o limite acima porta ficar shutdown// switch(config-if)#exit 18 Desabilitar Trunk automtico no 2950

switch#config t Enter configuration commands, one per line. End with CNTL/Z. switch(config)#interface fastEthernet 0/1 switch(config-if)#switchport mode access 19 12Recuperar senha do switch Fazer a conexo com o switch atravs da porta console (9600 bps). Desconectar o cabo de alimentao do switch.

3- Pressionar o boto Mode e mant-lo pressionado enquanto reconecta o cabo de ali mentao do switch. Mantenha o boto Mode pressionado dois segundos aps o led da porta 1X apagar. 4Aparecero as seguintes mensagens:

The system has been interrupted prior to initializing the flash file system. Th e following commands will initialize the flash file system, and finish loading t he operating system software: flash_init load_helper boot 5Inicializar o arquivo Flash do sistema:

Switch: flash_init 6Carregar arquivos de ajuda:

Switch: load_helper 7Visualizar o contedo da memria Flash:

Switch: dir flash: Note que o arquivo config.text o arquivo de configurao que contm as definies sobre a senha. 8Renomear o arquivo de configurao para config.text.old

Switch: rename flash:config.text flash:config.text.old 9Bootar o switch

Switch: boot 10- Aps a inicializao do switch, aparecer a seguinte pregunta: Deseja entra no modo de configurao "dilogo"? Digite no 11- No prompt de comando entre no modo privilegiad switch> enable 12- Renomear o arquivo de configurao para o seu nome original (config.text) Switch: rename flash:config.text.old flash:config.text 13- Copiar o arquivo de configurao para a memria: Agora a senha j pode ser alterada. 14Entrar no modo de configurao global:

Switch# config terminal 15Alterar a senha:

Switch(config)# enable secret ********* 16Retornar ao modo privilegiado e gravar as novas configuraes:

Switch(config)# exit Switch# write Aps estes procedimentos a nova senha j estar includa no arquivo de configurao inicial .