Scenario-2.1 Branch Office Network Setup – Configure Universal Switch Settings

The Scene

Scenario-2.1

A Collapsed Core switch layer based on two interconnected Layer 3 switches has been installed in the office server room.

Two pairs of User Access Switches have been installed in two different Wire Closet locations.

Two pairs of User Access Switches have been installed in two different Wire Closet locations.

A Management Server located in the Server Room and two Host-PCs have been installed for future use and will be left powered off for the time being.

The Goal

Configure initial universal switch settings across the topologies network devices which include:

  • Switch hostname
  • Domain name
  • Global error disable settings
  • Device management settings
  • VTP
  • STP mode
  • UDLD

Resources

Download, import and run in Cisco VIRL the Scenario-2.1 Topology File.

Cisco’s Campus LAN Layer 2 Access with Simplified Distribution Deployment Guide.

The High Level Steps

Access each new switch via their console connections.

  • No username or password needed when accessing devices via their Console Port.

Configure switch Hostnames (as per the topology diagram).

Set IP Domain Name:

  • myvirl.lab

Configure VTP settings:

  • Set the Core Switches to Server and User Access Switches as Clients.
  • Set the VTP domain name myvirl.lab.
  • Set the VTP version to 2.
  • Configure VTP authentication using the key myvirlvtpkey.

Configure Rapid-PVST.

Enable Unidirectional Link Detection.

Enable Error Disable recovery mechanism.

Disable IP domain name lookup.

Configure a 1024 bit encryption key and enable SSH version 2.

Configure remote admin access, limiting the access to just SSH.

  • Username netadmin
  • password letmein
  • Enable secret levelup

The Solution

Set switches hostname and domain name:

hostname {as per diagram}
!
ip domain name myvirl.lab
!

Configure the switches VTP Settings:

vtp domain myvirl.lab
vtp version 2
vtp password myvirlvtpkey
vtp mode {Core switches = Server / UserAcc switches = Client}
!

Enable Rapid-PVST Spanning Tree:

spanning-tree mode rapid-pvst
!

Enable Unidirectional Link Detection:

udld enable
!

Enable Error Disable recovery mechanism:

errdisable recovery cause all
!

Disable IP domain name lookup:

no ip domain lookup
!

Configure a 1024 bit encryption key and enable SSH version 2.

crypto key generate rsa modulus 1024
!
ip ssh version 2

Configure remote admin access, limiting the access to just SSH.

username netadmin secret letmein
enable secret levelup
service password-encryption
aaa new-model
!
line vty 0 4
 transport input ssh
 !

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s