In this tutorial, we shall look at the initial step-by-step configuration of a cisco switch in the Pocket CLI App. To get the nodes and your working area in the App, you first need to design a lab. In this case we are going to add a switch to the lab. To achieve this:
- Tap on Design on the main menu after you launch the App.
- Tap on the little icon in the top-right corner of the screen and select Switch in the list and save.
- Tap on the little icon at the top-right again and select save. Enter your desired Title and subtitle and save (In this case, Test and Test Lab respectively).
- After saving it takes you back to the main menu. Now tap on Labs in the main menu and select the lab you just created.
After adding the switch we now set it up the first time for use. To power up the switch you added, simply tap on the Switch and select console. It loads and land you on a dialogue which reads ‘continue with configuration dialog? [yes/no]’. Since the Pocket CLI App is mostly for educational/training purposes it only accepts no as input. This is because the App wants you to go through the configurations manually.
After the switch has powered up, it takes you to user EXEC mode after pressing RETURN. The first thing to do is to setup a hostname for the switch. The hostname is basically the name of the switch. By default the App gives Switch0 for the first switch in a particular lab, Switch1 for the second, and so on. You can choose a hostname which best fits your lab. In this example we shall use HQ as the hostname of the switch.
To configure the hostname, navigate to Global Configuration mode and key in the command hostname HQ as shown below. The hostname immediately changes to hq. Please note that all entries in uppercase are changed to lowercase by the App.
After configuring the hostname you would want to disable name resolution. The reason for this is that, when you type a wrong command the device sees it as a name to IP address resolution, and this maybe take some time to resolve. To disable the domain name resolution on the switch, key in the command no ip domain-lookup in global config mode as shown below:
hq(config)#no ip domain-lookup
The next thing is to configure management IP address and default gateway for the switch. The default gateway is your Router’s IP address. See the commands below:
hq(config-if)#ip address 192.168.5.1 255.255.255.0
For the default gateway, we navigate to global config mode. Simply enter the exit if you are in interface configuration mode to return to global configuration mode.
hq(config)#ip default-gateway 192.168.5.254
The next step in the initial configuration is to configure enable secret. The Cisco IOS has two main ways of protecting resources on the device; the enable password, and the enable secret. In this tutorial, we shall configure the enable secret, since it’s more secured than the enable password. The enable secret is encrypted with MD5 hash, whilst the enable password is stored in plain text. To set the enable secret, key in the enable secret Password (Where password is the password you want to set on the device) command. In this tutorial we use Cisco as our password.
hq#configure terminal Enter configuration commands, one per line. End with CNTL/Z.
hq(config)#enable secret Cisco
Next, we configure a console password. To do so, follow these steps:
hq(config)#line con 0
The console password is set to Cisco1. You have to enter this password before you can get to the user EXEC mode.
Next, we configure the exec timeout for the console line. This is how long you want the console to automatically log you out after a specified time of inactivity. In this tutorial we shall set the exec timeout to 5 minutes. To configure the exec timeout for the console, simply key the exec-timeout 5 command in the config-console mode.
Next, we configure telnet access or virtual terminals (vty) with a password. The Pocket CLI App’s switch supports up to 5 vty lines. To set password on the vty lines, navigate to global config mode and enter the following commands:
hq(config)#line vty 0 4
It is always advisable to encrypt all passwords set on the device. To do so, simply use the service pass-encryption command to encrypt all passwords.
To view all your configurations on the switch, key in show run in privileged mode. See an example in the screenshot below:
After you are done with all configurations do not forget to save all the changes. This will prevent the configurations from being lost when the device is rebooted. To do so, key in the command copy running-config startup-config in privileged mode.
hq#copy running-config startup-config