Tech 

Five things you should do after connecting your new Cisco Switch



I bought a new Cisco SG300 10-port Gigabit Ethernet Managed Switch a few months ago and it has been one of the best investments for my small home network. Cisco switches have so many features and options that can be configured for detailed network control. When it comes to security, their products stand out.

In this regard, it is very interesting how unprotected Cisco switches are ready to use immediately after opening. After connecting, it either obtains an IP address from a DHCP server or assigns itself an IP address (usually 192.168.1.254) and uses cisco for username and password. Alas!

Since most networks use the network ID 192.168.1.x, the switch is fully accessible to everyone on the network. In this article, I’ll go through the five immediate steps you should take after flipping the switch. This will ensure that your device is secure and properly configured.

Note: This article is intended for home or small office users who are new to Cisco switches. If you are a Cisco engineer, everything will be very simplified for you.

Step 1 – Change the default username and password

This is obviously the first step and the most important. After logging into the switch, expand administration, then click User accounts .

The first thing you’ll want to do is add another user account so you can then delete the original cisco user account. Make sure you assign a new account with full access that has access read/write (15) in Cisco language. Use a strong password, then log out of your account cisco and sign in with your new account. You should now be able to delete the default account.

Getting involved is also a good idea password recovery servicesin case you forget the password you set. You will need console access to reset your password.

Step 2 – Assign a static IP address

By default, the switch should already have a static IP address, but if it doesn’t, you need to set it manually. This will also be required if you are not using the 192.168.1 network ID. To do this, expand administrationManagement interfaceIPv4 interface .

Choose Static for type of IP address and enter a static IP address. It will also make it easier to manage the switch. If you know the default gateway for your network, please add it below as well default admin login .

It is also worth noting that the IP address is assigned to the virtual LAN interface, which means that you can access the device using the IP address regardless of which port is connected to the switch as long as those ports are assigned management of VLANs elected at the top. The default is this VLAN 1, and all ports are in VLAN 1 by default.

Step 3 – Update the software

Since my cheap Netgear router can check the internet for software updates and automatically download and install them, you’d think a fancy Cisco switch could do the same. But you are wrong! They probably don’t do this for security reasons, but it’s still annoying.

To update a Cisco switch with new firmware, you must download it from the Cisco website and then upload it to the switch. In addition, you need to change the active image to the new firmware version. I really like this feature as it provides a little protection in case something goes wrong.

To find the new firmware, just select your switch model with the firmware at the end. For example, in my case, I just installed the Cisco SG300-10 firmware.

I will write another article on how to upgrade your Cisco router’s firmware because there are a few things you should know before doing so.

Step 4 – Set up secure access

The next step I recommend is to only allow secure access to the switch. If you are a command line pro, you should really disable the GUI completely and only allow SSH access. However, if you need a GUI, you should set it up for use HTTPS instead of HTTP.

See my previous post on how to enable SSH access to the switch and then login using a utility like puTTY. For even more security, you can enable public key authentication using SSH and log in with your private key. You can also restrict access to the management interface by IP address, which I will write about in the next post.

Step 5 – Copy the Run configuration to the initial configuration

The last thing you want to get used to when using any Cisco device is copying the working configuration to the initial configuration. Basically, any changes you make are only stored in RAM, which means that when you restart your device, all your settings will be lost.

To save a configuration permanently, you must copy the running configuration to the initial configuration that is stored in NVRAM or persistent RAM. To do this, expand administrationand then file management, then click Copy / Save configuration .

The default settings should be correct so all you have to do is click apply . Again, make sure you do this every time you make any changes to the Switch.

These were basically the basic configuration steps for setting up and configuring security. I’ll be posting more advanced instructions on other aspects of the switch soon. If you have any questions feel free to comment. To enjoy!

Related posts

Leave a Comment