Access Your Switch Console Port
Cisco Packet Tracer is a great piece of simulation software, but if you’re dealing with a real switch, how do you get to the command line? Well, guess what! You can simulate this access with Cisco Packet Tracer!
First of all, let’s stay in the real world and analyze the ports on our Cisco Catalyst 2960 switch.
Well, actually this image was found in Cisco Packet Tracer, so I didn't stay in the real world for long.
24 Ethernet ports: We have our 24 FastEthernet ports that we’re using to connect the end devices.
Two GigabitEthernet ports: We have our two GigabitEthernet ports that we’re going to use for connecting devices such as a router or another switch.
One console port: This console port provides access to the command line configuration by using a console cable connected to a COM port (serial port or RS-232) on your computer.
We can simulate this functionality in Cisco Packet Tracer by using an RS232 port on a PC connected to a console port on a switch.
Let me go through all of this in a short video:
How do I configure my switch if I haven't got a COM port on my computer?
Well yes, with developments in technology, we’re finding that the COM port is starting to disappear and it’s rare to find PCs that have them nowadays. However, you can find various USB/Serial adapters that can do the job. You need to make sure that they’re compatible with your computer, because these adapters tend to work with drivers that are specific to particular operating systems.
Configure SSH Access for Remote Access to Your Switch
Right, now you know how to use the console port to configure your Cisco switches (and routers). But, like most IT experts, you're not going to want to get up from your seat each time you want to check the operational status of your switches and routers. You're going to want to configure them remotely, and to do this, there are two different methods using either:
the Telnet protocol
or
the SSH protocol.
But why do I need to secure the switches within my organization? No one is interested, are they?
Think again. As we’ve seen previously, all of the data within an IT network passes through the connectivity devices, so these need to have maximum security, especially for remote access, because a hacker could try to access your network devices from another country!
Secure Shell (SSH) is a secure protocol that uses port 22 to provide an encrypted connection for managing remote devices. Unlike Telnet, which sends everything in clear text, SSH encrypts the session, so a hacker who captures the traffic cannot decrypt it. Login usernames and passwords are not readable.
If you want to check that the Catalyst 2960 switch can handle the SSH protocol, you need to check the OS version. In privileged EXEC mode, use the show version command on the switch to display the OS version installed on it. If the characters K9 are present in the OS name, this means the switch is compatible.
Let’s look at the command:
Switch# show version
…
Switch Ports Model              SW Version            SW Image
------ ----- -----              ----------            ----------
*    1 26    WS-C2960-24TT-L    15.0(2)SE4            C2960-LANBASEK9-M

Configuration register is 0xF
Switch#
To configure the SSH connection on a switch, you need to have followed the steps we covered previously, i.e., assigning a host name and an IP address. If you’ve done this already, you can proceed as follows:
Exec-Sales# show ip ssh
Exec-Sales# configure terminal
Exec-Sales(config)# enable secret 1234-Metropolitan:1234
Exec-Sales(config)# ip domain-name tbagency.com
Exec-Sales(config)# ip ssh version 2
Exec-Sales(config)# crypto key generate rsa
How many bits in the modulus [512]: 1024
Exec-Sales(config)# username admin secret 1234-Metropolitan:1234
Exec-Sales(config)# line vty 0 15
Exec-Sales(config-line)# transport input ssh
Exec-Sales(config-line)# login local
Exec-Sales(config-line)# exit
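One way to check that a switch ended up in the state this procedure aims for, as an added example (not part of the original tutorial or any Cisco tool): the Python below audits a saved running-config for SSH version 2, a local user with a secret, and vty lines restricted to SSH with login local. The sample configuration and the function names vty_blocks and audit_ssh are constructed for illustration.

```python
import re

# Constructed sample running-config (not from the page): vty 0-4 follows the
# page's steps, vty 5-15 still accepts Telnet and uses a line password.
SAMPLE_CONFIG = """\
hostname Exec-Sales
ip domain-name tbagency.com
ip ssh version 2
username admin secret 5 HASH-PLACEHOLDER
line vty 0 4
 transport input ssh
 login local
line vty 5 15
 transport input telnet ssh
 login
"""

def vty_blocks(config):
    """Return {header: [sub-commands]} for every 'line vty' section."""
    blocks, current = {}, None
    for raw in config.splitlines():
        if raw.startswith("line vty"):
            current = raw.strip()
            blocks[current] = []
        elif raw.startswith(" ") and current:
            blocks[current].append(raw.strip())
        else:
            current = None  # any other top-level command ends the section
    return blocks

def audit_ssh(config):
    """List findings where a config departs from the SSH-only setup above."""
    findings = []
    if not re.search(r"^ip ssh version 2\s*$", config, re.M):
        findings.append("global: 'ip ssh version 2' not set")
    if not re.search(r"^username \S+ .*\bsecret\b", config, re.M):
        findings.append("global: no local user defined with 'secret'")
    for header, cmds in vty_blocks(config).items():
        transport = next((c for c in cmds if c.startswith("transport input")), None)
        if transport is None or transport.split()[2:] != ["ssh"]:
            findings.append(f"{header}: transport is not restricted to SSH")
        if "login local" not in cmds:
            findings.append(f"{header}: 'login local' missing")
    return findings

if __name__ == "__main__":
    for finding in audit_ssh(SAMPLE_CONFIG):
        print(finding)
```

On many switches the running configuration lists vty 0 4 and vty 5 15 as separate sections, which is why the audit checks each section rather than only the first. The RSA key size is not part of the running configuration, so it has to be checked separately on the device; 2048 bits or more is the current recommendation rather than the 1024 entered above.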
Here’s a short video to show you how to configure SSH access to your switch:
Check SSH Remote Access to Your Switch
Now you're going to see how to access a network device remotely using SSH. If you’re using a computer to access SSH, you can do this in a number of different ways:
Use the DOS prompt within Windows, or Terminal in Linux or macOS.
Just launch the relevant console function and type ssh user_name@IP_Address. You’ll then be asked to provide the password and, on the first connection, possibly also to confirm the switch’s host key “fingerprint”.
Use terminal emulator software, such as PuTTY.
Within Cisco Packet Tracer, you can access network devices using SSH in two ways from the PC Desktop: use the ssh command in the Command Prompt, which is the equivalent of the DOS prompt, or use the Telnet/SSH Client.
Okay, here’s a short video to show you how to access your switch using SSH within Cisco Packet Tracer.
Let's Recap!
In this chapter, you’ve seen:
how to configure SSH access to a Cisco switch.
how you can use a serial connection to access a device.
Now that you know how to configure the basic parameters of a layer 2 switch, you’re going to tackle router configuration. But first of all, I think you should test your new-found knowledge with a practical exercise and a quiz.