cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
jimwhite
New Contributor II

IP and gateway address change

Jump to solution

What are the steps to

1) Using a terminal program and the CLI, capture the config to a file on a laptop (Using Hyperterm and win xp)

2) Change the HTTP IP address (so the switch responds to a ping to that address)

3) Change the default gateway address

4) Write that config back to the switch

5) Save it as the startup config

We are setting up three of these in our network behind routers.  We need them have specific IP addresses and respond to a ping so our Nagios system can test for connectivity to them. And we need to change the default gateway to the router LAN address so we can use a browser and port forwarding through that router to see the HTTP interface of the switch.  We also need to save the resulting config to a file on our management laptop.

Jim

Labels (1)
Tags (3)
1 Solution

Accepted Solutions
jayh
Honored Contributor
Honored Contributor

Re: IP and gateway address change

Jump to solution

jimwhite wrote:



What are the steps to


1) Using a terminal program and the CLI, capture the config to a file on a laptop (Using Hyperterm and win xp)






Enable session capture on Hyperterm (not a Windows user so not sure how to do this)

From the enabled prompt on the switch:

terminal length 0   ! disables "more" prompt to print entire configuration at once

show run                ! displays current running configuration

show start              !  displays startup configuration - same as show run if you've saved it.

Stop the session capture on Hyperterm and save its output to a file.

You can also save the configuration to a TFTP server with copy run tftp  and follow the prompts.


2) Change the HTTP IP address (so the switch responds to a ping to that address)


3) Change the default gateway address






The HTTP IP address, the telnet/ssh address, and the ping address are all the same, so, I'm assuming that

  • You're using VLAN 1 (default) for management
  • You have a layer 2 switch or are using an advanced switch as layer 2
  • Management is in-band on the same interfaces as switch user traffic

This should be fine for a small network inside a firewall.  If you have a separate VLAN or physical network for control-plane and management it gets trickier.  Anything after a "!" is a comment and won't be processed on a cut/paste.

Get into configuration mode:

config term

From configuration mode:

interface vlan 1

  ip address www.xxx.yyy.zzz  255.255.255.xxx ! IP address of the switch and its netmask on same line

  no shutdown

exit   ! stop configuring the interface and go to global configuration

ip default-gateway www.xxx.yyy.zzz  ! address of default gateway


4) Write that config back to the switch


5) Save it as the startup config






These are both kind of the same thing.  Configuration commands take effect immediately when entered, but aren't saved across a reboot until written to memory.

end   ! leave configuration mode

write memory


We are setting up three of these in our network behind routers.  We need them have specific IP addresses and respond to a ping so our Nagios system can test for connectivity to them. And we need to change the default gateway to the router LAN address so we can use a browser and port forwarding through that router to see the HTTP interface of the switch.  We also need to save the resulting config to a file on our management laptop.






That should do it.  Other nice-to-have and security tasks: put a hostname on each device, delete the default user, change the motd to something less scary.  Something like the following:

config term   ! enter configuration mode

service password-encryption   ! prevent passwords from showing in plain text on configs

hostname switch1  ! Name each switch something different to tell them apart

user janedoe password itsabigsecret ! Create one or more users with non-default usernames

line telnet 0 4              ! configure the telnet lines

   login local-userlist  ! set telnet to require a valid username and matching password

   no password             ! remove the default telnet password

   exit                             ! stop configuring telnet lines, go back to global mode

no user admin  !  Blow away the default user (and password)

enable password somethinghardtoguess  ! Reset the enable password to something hard to guess

banner motd  #

These aren't the droids you're looking for.  Move along.

#

And set the firewall on your router to keep the curious out.  If you're comfortable with SSH instead of telnet, consider shutting down the telnet interface entirely with:

line telnet 0 4

  shutdown

Always "write memory" after any changes after ending configuration mode.

View solution in original post

0 Kudos
3 Replies
jayh
Honored Contributor
Honored Contributor

Re: IP and gateway address change

Jump to solution

jimwhite wrote:



What are the steps to


1) Using a terminal program and the CLI, capture the config to a file on a laptop (Using Hyperterm and win xp)






Enable session capture on Hyperterm (not a Windows user so not sure how to do this)

From the enabled prompt on the switch:

terminal length 0   ! disables "more" prompt to print entire configuration at once

show run                ! displays current running configuration

show start              !  displays startup configuration - same as show run if you've saved it.

Stop the session capture on Hyperterm and save its output to a file.

You can also save the configuration to a TFTP server with copy run tftp  and follow the prompts.


2) Change the HTTP IP address (so the switch responds to a ping to that address)


3) Change the default gateway address






The HTTP IP address, the telnet/ssh address, and the ping address are all the same, so, I'm assuming that

  • You're using VLAN 1 (default) for management
  • You have a layer 2 switch or are using an advanced switch as layer 2
  • Management is in-band on the same interfaces as switch user traffic

This should be fine for a small network inside a firewall.  If you have a separate VLAN or physical network for control-plane and management it gets trickier.  Anything after a "!" is a comment and won't be processed on a cut/paste.

Get into configuration mode:

config term

From configuration mode:

interface vlan 1

  ip address www.xxx.yyy.zzz  255.255.255.xxx ! IP address of the switch and its netmask on same line

  no shutdown

exit   ! stop configuring the interface and go to global configuration

ip default-gateway www.xxx.yyy.zzz  ! address of default gateway


4) Write that config back to the switch


5) Save it as the startup config






These are both kind of the same thing.  Configuration commands take effect immediately when entered, but aren't saved across a reboot until written to memory.

end   ! leave configuration mode

write memory


We are setting up three of these in our network behind routers.  We need them have specific IP addresses and respond to a ping so our Nagios system can test for connectivity to them. And we need to change the default gateway to the router LAN address so we can use a browser and port forwarding through that router to see the HTTP interface of the switch.  We also need to save the resulting config to a file on our management laptop.






That should do it.  Other nice-to-have and security tasks: put a hostname on each device, delete the default user, change the motd to something less scary.  Something like the following:

config term   ! enter configuration mode

service password-encryption   ! prevent passwords from showing in plain text on configs

hostname switch1  ! Name each switch something different to tell them apart

user janedoe password itsabigsecret ! Create one or more users with non-default usernames

line telnet 0 4              ! configure the telnet lines

   login local-userlist  ! set telnet to require a valid username and matching password

   no password             ! remove the default telnet password

   exit                             ! stop configuring telnet lines, go back to global mode

no user admin  !  Blow away the default user (and password)

enable password somethinghardtoguess  ! Reset the enable password to something hard to guess

banner motd  #

These aren't the droids you're looking for.  Move along.

#

And set the firewall on your router to keep the curious out.  If you're comfortable with SSH instead of telnet, consider shutting down the telnet interface entirely with:

line telnet 0 4

  shutdown

Always "write memory" after any changes after ending configuration mode.

0 Kudos
jimwhite
New Contributor II

Re: IP and gateway address change

Jump to solution

Thank you .  Your complete and detailed answer let us config these as we need them.  Additionally your examples gave us a feel for how the CLI commands work which greatly shortened the learning curve.

Jim

Anonymous
Not applicable

Re: IP and gateway address change

Jump to solution

-

I went ahead and flagged the "Correct Answer" on this post to make it more visible and help other members of the community find solutions more easily. If you don't feel like the answer I marked was correct, feel free to come back to this post to unmark it and select another in its place with the applicable buttons.  If you have any additional information on this that others may benefit from, please come back to this post to provide an update.  If you still need assistance, we would be more than happy to continue working with you on this - just let us know in a reply.

Thanks,

Noor