Posts tagged switch

cisco sg300 setup
posted on 2016-08-13 17:52

These are the notes for setting up a cisco sg300 10 port switch with vlans via the cli. It's the best cheap switch with managing that happens to have a CLI that is similar to the ones on the bigger switches from cisco, and it comes with a serial interface.

standard ip

Use this IP for acessing SSH or the webgui in your browser:

192.168.1.254

standard password

user: cisco
pass: cisco

serial connection

In case you need it because you cannot access the switch via IP any longer (scanning 10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16 sure takes too much time to be feasible...), use its serial interface.

baud:      115200 (if not set otherwise)
bits:      8
parity:    N
stopbits:  1
no flow control

To use it, connect a USB-to-Serial computer with your laptop and use putty/screen/minicom, depending on the OS you use.

foreword

First, all commands are abbreviated here. Use ? in the CLI if you want to know what you type here, use it alone, after some characters or as a parameter on its own after a command.

cisco devices have different modes, and you edit the configuration in RAM after you logged in. To change all possible settings, you have to go into configure mode (conf), and to save it, the volatile configuration has to be copied back to the flash memory (copy run start or wr).

In normal mode there just are not so many options. To jump back, exit. More on the modes later on.

Sadly, ctrl+d doesn't work, but ctrl-z is its substitute.

first steps (after logging in and likely changing the password)

'backspace' key:

ctrl + h

delete current line;

ctrl + u
ctrl + k

disable/enable the output paging bullshit: (You know screen's copy mode via ctrl+a,[ so PGUP and PGDN work?')

terminal datadump
terminal no datadump

enable / disable command history / set its maximum size:

terminal history
terminal no history
terminal history size 206

show current configuration:

show run

show current access methods:

show line

save the changes up until now:

# choose 'yes', of course, when being prompted
copy run start

# this also works but is deprecated
wr t

configuration

For ease of use, when configure mode is needed, all the steps are shown. You can stay in configure mode if you want and perform several steps at once if you please.

hostname:

conf t
hostname <my_new_hostname>
ctrl-z
copy run start

search domain

conf t
ip domain name <your_search_domain>
ctrl-z
copy run start

create a new user and revoke admin rights from the standard 'cisco' user:

conf t username <new_user> privilege 15 password <new_password> username cisco privilege 1 password <doesnt_matter_you_dont_need_it_anymore> ctrl-z copy run start

What this was actually about was using the different privilege modes present on cisco switches.

privilege level 1      = user mode, '>' prompt
privilege level 2 - 15 = privileged EXEC mode, '#' prompt
configure              = configure mode, '(config)' prompt

You can do fine-grained access-levelling, with commands available only at different privilege modes (i.e. 3, 6, 10, 14, 15, however you see it fitting), but we want to disable the basic account and create a new one.

Level 15 can do everything. Regular workflow is logging in, and using the enable password to elevate to administrator levels if need be.

Via enable <number> and disable <number> you can enter higher or lower privilege modes, compared to your current one that can be looked up via show privilege.

While in configure mode, you can enter sub-modes for some of the commands, ex, end and ctrl-z will work there, too.

set default gateway

conf t
ip default-gateway <your_gw_ip>
do copy run start

The do keyword lets you run EXEC keywords from within configure mode.

set default ip

cisco: factory reset a sg300 switch
posted on 2015-11-23 01:26:43

Resetting a SG300 is rather easy. Hold reset pressed until after like 10 seconds all port leds flash.

Login afterards is cisco:cisco.

cisco: factory reset a 2960G switch and initial configuration
posted on 2015-09-19 10:35:33

Factory resetting for a 2960G switch is rather easy:

Hold the button on the front panel, after like 3 seconds blinking, most lights should turn off. Keep the button pressed, after seven to ten more seconds, all lights will flash. Then switch is factory-resetted and will reboot.

Booting can take a while. Afterwards you are prompted for the initial installation.

This can either be done while being connected via a serial line (see next post here), or by using a pc connected via ethernet cable. Set the interface to DHCP and you should be able to access the switch in your browser via 10.0.0.1 through the web interface.

This blog covers .csv, .htaccess, .pfx, .vmx, /etc/crypttab, /etc/network/interfaces, /etc/sudoers, /proc, 10.04, 14.04, AS, ASA, ControlPanel, DS1054Z, GPT, HWR, Hyper-V, IPSEC, KVM, LSI, LVM, LXC, MBR, MTU, MegaCli, PHP, PKI, R, RAID, S.M.A.R.T., SNMP, SSD, SSL, TLS, TRIM, VEEAM, VMware, VServer, VirtualBox, Virtuozzo, XenServer, acpi, adaptec, algorithm, ansible, apache, apachebench, apple, arcconf, arch, architecture, areca, arping, asa, asdm, awk, backup, bandit, bar, bash, benchmarking, binding, bitrate, blackarmor, blowfish, bochs, bond, bonding, booknotes, bootable, bsd, btrfs, buffer, c-states, cache, caching, ccl, centos, certificate, certtool, cgdisk, cheatsheet, chrome, chroot, cisco, clamav, cli, clp, clush, cluster, coleslaw, colorscheme, common lisp, console, container, containers, controller, cron, cryptsetup, csync2, cu, cups, cygwin, d-states, database, date, db2, dcfldd, dcim, dd, debian, debug, debugger, debugging, decimal, desktop, df, dhclient, dhcp, diff, dig, display manager, dm-crypt, dmesg, dmidecode, dns, docker, dos, drivers, dtrace, dtrace4linux, du, dynamictracing, e2fsck, eBPF, ebook, efi, egrep, emacs, encoding, env, error, ess, esx, esxcli, esxi, ethtool, evil, expect, exportfs, factory reset, factory_reset, factoryreset, fail2ban, fbsd, fedora, file, filesystem, find, fio, firewall, firmware, fish, flashrom, forensics, free, freebsd, freedos, fritzbox, fsck, fstrim, ftp, ftps, g-states, gentoo, ghostscript, git, git-filter-branch, github, gitolite, gnutls, gradle, grep, grml, grub, grub2, guacamole, hardware, haskell, hdd, hdparm, hellowor, hex, hexdump, history, howto, htop, htpasswd, http, httpd, https, i3, icmp, ifenslave, iftop, iis, imagemagick, imap, imaps, init, innoDB, innodb, inodes, intel, ioncube, ios, iostat, ip, iperf, iphone, ipmi, ipmitool, iproute2, ipsec, iptables, ipv6, irc, irssi, iw, iwconfig, iwlist, iwlwifi, jailbreak, jails, java, javascript, javaws, js, juniper, junit, kali, kde, kemp, kernel, keyremap, kill, kpartx, krypton, lacp, lamp, languages, ldap, ldapsearch, less, leviathan, liero, lightning, links, linux, linuxin3months, lisp, list, livedisk, lmctfy, loadbalancing, locale, log, logrotate, looback, loopback, losetup, lsblk, lsi, lsof, lsusb, lsyncd, luks, lvextend, lvm, lvm2, lvreduce, lxc, lxde, macbook, macro, magento, mailclient, mailing, mailq, manpages, markdown, mbr, mdadm, megacli, micro sd, microsoft, minicom, mkfs, mktemp, mod_pagespeed, mod_proxy, modbus, modprobe, mount, mouse, movement, mpstat, multitasking, myISAM, mysql, mysql 5.7, mysql workbench, mysqlcheck, mysqldump, nagios, nas, nat, nc, netfilter, networking, nfs, nginx, nmap, nocaps, nodejs, numberingsystem, numbers, od, onyx, opcode-cache, openVZ, openlierox, openssl, openvpn, openvswitch, openwrt, oracle linux, org-mode, os, oscilloscope, overview, parallel, parameter expansion, parted, partitioning, passwd, patch, pdf, performance, pfsense, php, php7, phpmyadmin, pi, pidgin, pidstat, pins, pkill, plesk, plugin, posix, postfix, postfixadmin, postgres, postgresql, poudriere, powershell, preview, profiling, prompt, proxmox, ps, puppet, pv, pvecm, pvresize, python, qemu, qemu-img, qm, qmrestore, quicklisp, r, racktables, raid, raspberry pi, raspberrypi, raspbian, rbpi, rdp, redhat, redirect, registry, requirements, resize2fs, rewrite, rewrites, rhel, rigol, roccat, routing, rs0485, rs232, rsync, s-states, s_client, samba, sar, sata, sbcl, scite, scp, screen, scripting, seafile, seagate, security, sed, serial, serial port, setup, sftp, sg300, shell, shopware, shortcuts, showmount, signals, slattach, slip, slow-query-log, smbclient, snmpget, snmpwalk, software RAID, software raid, softwareraid, sophos, spacemacs, spam, specification, speedport, spi, sqlite, squid, ssd, ssh, ssh-add, sshd, ssl, stats, storage, strace, stronswan, su, submodules, subzone, sudo, sudoers, sup, swaks, swap, switch, switching, synaptics, synergy, sysfs, systemd, systemtap, tar, tcpdump, tcsh, tee, telnet, terminal, terminator, testdisk, testing, throughput, tmux, todo, tomcat, top, tput, trafficshaping, ttl, tuning, tunnel, tunneling, typo3, uboot, ubuntu, ubuntu 16.04, udev, uefi, ulimit, uname, unetbootin, unit testing, upstart, uptime, usb, usbstick, utf8, utm, utm 220, ux305, vcs, vgchange, vim, vimdiff, virtualbox, virtualization, visual studio code, vlan, vmstat, vmware, vnc, vncviewer, voltage, vpn, vsphere, vzdump, w, w701, wakeonlan, wargames, web, webdav, weechat, wget, whois, wicd, wifi, windowmanager, windows, wine, wireshark, wpa, wpa_passphrase, wpa_supplicant, x2x, xfce, xfreerdp, xmodem, xterm, xxd, yum, zones, zsh

View posts from 2017-03, 2017-02, 2017-01, 2016-12, 2016-11, 2016-10, 2016-09, 2016-08, 2016-07, 2016-06, 2016-05, 2016-04, 2016-03, 2016-02, 2016-01, 2015-12, 2015-11, 2015-10, 2015-09, 2015-08, 2015-07, 2015-06, 2015-05, 2015-04, 2015-03, 2015-02, 2015-01, 2014-12, 2014-11, 2014-10, 2014-09, 2014-08, 2014-07, 2014-06, 2014-05, 2014-04, 2014-03, 2014-01, 2013-12, 2013-11, 2013-10


Unless otherwise credited all material Creative Commons License by sjas