What are the steps to
1) Using a terminal program and the CLI, capture the config to a file on a laptop (Using Hyperterm and win xp)
Enable session capture on Hyperterm (not a Windows user so not sure how to do this)
From the enabled prompt on the switch:
terminal length 0 ! disables "more" prompt to print entire configuration at once
show run ! displays current running configuration
show start ! displays startup configuration - same as show run if you've saved it.
Stop the session capture on Hyperterm and save its output to a file.
You can also save the configuration to a TFTP server with copy run tftp and follow the prompts.
2) Change the HTTP IP address (so the switch responds to a ping to that address)
3) Change the default gateway address
The HTTP IP address, the telnet/ssh address, and the ping address are all the same, so, I'm assuming that
- You're using VLAN 1 (default) for management
- You have a layer 2 switch or are using an advanced switch as layer 2
- Management is in-band on the same interfaces as switch user traffic
This should be fine for a small network inside a firewall. If you have a separate VLAN or physical network for control-plane and management it gets trickier. Anything after a "!" is a comment and won't be processed on a cut/paste.
Get into configuration mode:
From configuration mode:
interface vlan 1
ip address www.xxx.yyy.zzz 255.255.255.xxx ! IP address of the switch and its netmask on same line
exit ! stop configuring the interface and go to global configuration
ip default-gateway www.xxx.yyy.zzz ! address of default gateway
4) Write that config back to the switch
5) Save it as the startup config
These are both kind of the same thing. Configuration commands take effect immediately when entered, but aren't saved across a reboot until written to memory.
end ! leave configuration mode
We are setting up three of these in our network behind routers. We need them have specific IP addresses and respond to a ping so our Nagios system can test for connectivity to them. And we need to change the default gateway to the router LAN address so we can use a browser and port forwarding through that router to see the HTTP interface of the switch. We also need to save the resulting config to a file on our management laptop.
That should do it. Other nice-to-have and security tasks: put a hostname on each device, delete the default user, change the motd to something less scary. Something like the following:
config term ! enter configuration mode
service password-encryption ! prevent passwords from showing in plain text on configs
hostname switch1 ! Name each switch something different to tell them apart
user janedoe password itsabigsecret ! Create one or more users with non-default usernames
line telnet 0 4 ! configure the telnet lines
login local-userlist ! set telnet to require a valid username and matching password
no password ! remove the default telnet password
exit ! stop configuring telnet lines, go back to global mode
no user admin ! Blow away the default user (and password)
enable password somethinghardtoguess ! Reset the enable password to something hard to guess
banner motd #
These aren't the droids you're looking for. Move along.
And set the firewall on your router to keep the curious out. If you're comfortable with SSH instead of telnet, consider shutting down the telnet interface entirely with:
line telnet 0 4
Always "write memory" after any changes after ending configuration mode.
Thank you . Your complete and detailed answer let us config these as we need them. Additionally your examples gave us a feel for how the CLI commands work which greatly shortened the learning curve.
I went ahead and flagged the "Correct Answer" on this post to make it more visible and help other members of the community find solutions more easily. If you don't feel like the answer I marked was correct, feel free to come back to this post to unmark it and select another in its place with the applicable buttons. If you have any additional information on this that others may benefit from, please come back to this post to provide an update. If you still need assistance, we would be more than happy to continue working with you on this - just let us know in a reply.