Configuring the switch with the CLI setup program

To set up the switch, you need to complete the setup program, which runs automatically after the switch is powered on. You must assign an IP address and other configuration information necessary for the switch to communicate with the local routers and the Internet. This information is also required if you plan to use WebUI to configure and manage the switch.

IP and Password Settings

You need this information from your network administrator before you complete the setup program:

  • Encryption level and Master key

  • Switch IP address

  • Subnet mask (IP netmask)

  • Default gateway (router)

  • Enable secret password

  • Enable password

Initial Configuration

Complete the following steps to create an initial configuration for the switch with the setup program:

Procedure

Step 1

Enter Yes at these two prompts: 


Would you like to enter the initial configuration dialog? [yes/no]:yes
At any point you may enter a question mark '?' for help.
Use ctrl-c to abort configuration dialog at any prompt.
Default settings are in square brackets '[]'.
Basic management setup configures only enough connectivity
for management of the system, extended setup will ask you
to configure each interface on the system.
Would you like to enter basic management setup? [yes/no]:yes

Step 2

Enter a hostname for the switch.

On a command switch, the hostname is limited to 28 characters; on a member switch, it is limited to 31 characters. Do not use -n , where n is a number, as the last character in a hostname for any switch.

Configuring global parameters:


Enter host name [Switch]:host_name

Step 3

Enter an enable secret password.

The password can be of minimum 10 to maximum 25 alphanumeric characters, and must contain at least one uppercase, one lowercase, and a digit.

Note

 
The password should not contain the word cisco in it. 

Enter enable secret:secret_password
Confirm enable secret:secret_password

Step 4

Enter an enable password. 


Enter enable password:enable_password

Step 5

Enter a virtual terminal password.

The password can be from 1 to 25 alphanumeric characters, is case sensitive, allows spaces, but ignores leading spaces.


Enter virtual terminal password:terminal-password

Step 6

Enter the interface name (physical interface or VLAN name) of the interface that connects to the management network.

For this release, always use vlan1 as the interface connecting to the management network.

Note

 

The switch will transmit a DHCP discover message on the vlan1 interface. If the switch is connected to the network before the CLI initial setup process is started, the interface may have been assigned a dynamic IP address. If you do not see an IP address on the vlan1 interface, this process allows you set a static IP address for management. This will overwrite the dynamically assigned IP address. 

Current interface summary

Interface                   IP-Address      OK? Method Status                Protocol
Vlan1                       10.0.113.39     YES DHCP   up                       up
GigabitEthernet1/1          unassigned      YES unset  down                    down
GigabitEthernet1/2          unassigned      YES unset  down                    down
GigabitEthernet1/3          unassigned      YES unset  down                    down
GigabitEthernet1/4          unassigned      YES unset  down                    down
GigabitEthernet1/5          unassigned      YES unset  down                    down
GigabitEthernet1/6          unassigned      YES unset  down                    down
GigabitEthernet1/7          unassigned      YES unset  down                    down
GigabitEthernet1/8          unassigned      YES unset  down                    down
GigabitEthernet1/9          unassigned      YES unset  down                    down
GigabitEthernet1/10         unassigned      YES unset  down                    down
GigabitEthernet1/11         unassigned      YES unset    up                      up
AppGigabitEthernet1/1       unassigned      YES unset    up                      up

Enter interface name used to connect to the
management network from the above interface summary:
 vlan1

Step 7

Configure the interface by entering the switch IP address and subnet mask.

The configuration summary is displayed.

Step 8

Select option 2 to save the configuration and exit the configuration menu.

Example



        --- System Configuration Dialog ---
Would you like to enter the initial configuration dialog? [yes/no]: yes

At any point you may enter a question mark '?' for help.
Use ctrl-c to abort configuration dialog at any prompt.
Default settings are in square brackets '[]'.


Basic management setup configures only enough connectivity
for management of the system, extended setup will ask you
to configure each interface on the system

Would you like to enter basic management setup? [yes/no]: yes
Configuring global parameters:

 Enter host name [Switch]: Switch

 The enable secret is a password used to protect
 access to privileged EXEC and configuration modes.
 This password, after entered, becomes encrypted in
 the configuration.
 -------------------------------------------------
 secret should be of minimum 10 characters and maximum 32 characters with
 at least 1 upper case, 1 lower case, 1 digit and
 should not contain [cisco]
 -------------------------------------------------
 Enter enable secret: **********
 Confirm enable secret: **********
Netconf SSH RSA key generated
Key Name: NETCONF_SSH_RSA_KEY
Key Type: ssh-rsa
Modulus Size: 2048
Public Key: ssh-rsa AAAAB3AAAADAQABAAABAQC46E6OfS9Tl6bHuxJkyrCy9JDwgkE9tK
XJcgD2Mu26NTCGpIDRyGAjaj9+gc04Gc/TOHruWEt/XTZu9hWK1dN+rZytJMNw3nEavFcsm+d
gDzYwh3BAi16edDil97YzlNr5bsisrgehSqKoq7Srj8fW3SyPNRU2WNdbeLkwjLtZQSgA7hBL
x1r9V+wS9+hk8SQJsMRBhMSLMo7Mo/XZ22risylZPeWvypmip6zGakKm14K8TbgnKmTbgZscp
hn/qJ9ag+tzuDQug+ZLWw/QE3MJHZmcbXdt1gcE8b0lTRT


 The enable password is used when you do not specify an
 enable secret password, with some older software versions, and
 some boot images.
 Enter enable password: **********

 The virtual terminal password is used to protect
 access to the router over a network interface.
 Enter virtual terminal password: *********

Current interface summary

Interface                   IP-Address      OK? Method Status                Protocol
Vlan1                       10.0.113.39    YES DHCP   up                        up
GigabitEthernet1/1          unassigned      YES unset  down                    down
GigabitEthernet1/2          unassigned      YES unset  down                    down
GigabitEthernet1/3          unassigned      YES unset  down                    down
GigabitEthernet1/4          unassigned      YES unset  down                    down
GigabitEthernet1/5          unassigned      YES unset  down                    down
GigabitEthernet1/6          unassigned      YES unset  down                    down
GigabitEthernet1/7          unassigned      YES unset  down                    down
GigabitEthernet1/8          unassigned      YES unset  down                    down
GigabitEthernet1/9          unassigned      YES unset  down                    down
GigabitEthernet1/10         unassigned      YES unset  down                    down
GigabitEthernet1/11         unassigned      YES unset  up                        up
AppGigabitEthernet1/1       unassigned      YES unset  up                        up

Enter interface name used to connect to the
management network from the above interface summary: Vlan1

Configuring interface Vlan1:
   IP address for this interface [10.0.113.39]:
   Subnet mask for this interface [255.0.0.0] :
   Class A network is 10.0.0.0, 8 subnet bits; mask is /8

The following configuration command script was created:

hostname Switch
enable secret 9 $9$IjMTkpAcbKRIK.$W27WanN6KUn4NnrjTTJteGEox1u.
enable password enable_password
line vty 0 15
password terminal_password
no snmp-server
!
no ip routing

!
interface Vlan1
no shutdown
ip address 22.1.1.39 255.0.0.0
!
interface GigabitEthernet1/1
!
interface GigabitEthernet1/2
!
interface GigabitEthernet1/3
!
interface GigabitEthernet1/4
!
interface GigabitEthernet1/5
!
interface GigabitEthernet1/6
!
interface GigabitEthernet1/7
!
interface GigabitEthernet1/8
!
interface GigabitEthernet1/9
!
interface GigabitEthernet1/10
!
interface GigabitEthernet1/11
!
interface AppGigabitEthernet1/1
!
end


[0] Go to the IOS command prompt without saving this config.
[1] Return back to the setup without saving this config.
[2] Save this configuration to nvram and exit.

Enter your selection [2]: 2
Building configuration...
[OK]
Use the enabled mode 'configure' command to modify this configuration.




Press RETURN to get started!