Basic Cisco Switch Configuration

In my opinion, the Cisco switches are the best in the market. Versatile, reliable, flexible and powerful, the Cisco switch product line (such as the 2960, 3560, 3750, 4500, 6500 etc) offer unparalleled performance and features.

Although a Cisco switch is a much simpler network device compared with other devices (such as routers and firewalls for example), many people have difficulties to configure a Cisco Catalyst Switch. Unlike other lower class switch vendors (which are plug-and-play), the Cisco switch needs some initial basic configuration in order to enable management, security and some other important features.

In this article I will describe the basic steps needed to configure a Cisco switch from scratch. I don’t like graphical GUI or web management at all, so I will show you command line configuration which is much more powerful and makes the administrators learn what they are doing on the device.

STEP1: Connect to the device via console

Use a terminal emulation software such as PuTTY and connect to the console of the switch. You will get the initial command prompt “Switch>

Type “enable” and hit enter. You will get into privileged mode (“Switch#”)

 Now, get into Global Configuration Mode:

Switch# configure terminal

STEP2: Set up a hostname for the particular switch to distinguish it in the network

Switch(config)# hostname access-switch1

STEP3: Configure an administration password (enable secret password)

access-switch1(config)# enable secret somestrongpass

STEP4: Configure a password for Telnet access

access-switch1(config)# line vty 0 15
access-switch1(config-line)# password strongtelnetpass
access-switch1(config-line)# login
access-switch1(config-line)# exit

STEP5: Define which IP addresses are allowed to access the switch via Telnet

access-switch1(config)# ip access-list standard TELNET-ACCESS
access-switch1(config-std-nacl)# permit
access-switch1(config-std-nacl)# permit
access-switch1(config-std-nacl)# exit

!Apply the access list to Telnet VTY Lines
access-switch1(config)# line vty 0 15
access-switch1(config-line)# access-class TELNET-ACCESS in
access-switch1(config-line)# exit

STEP6: Assign IP address to the switch for management

!Management IP is assigned to Vlan 1 by default
access-switch1(config)# interface vlan 1
access-switch1(config-if)# ip address
access-switch1(config-if)# exit

STEP7: Assign default gateway to the switch

access-switch1(config)# ip default-gateway

STEP8: Disable unneeded ports on the switch

! This step is optional but enhances security
! Assume that we have a 48-port switch and we don’t need ports 25 to 48

access-switch1(config)# interface range fe 0/25-48
access-switch1(config-if-range)# shutdown
access-switch1(config-if-range)# exit

STEP9: Save the configuration

access-switch1(config)# wr

The above are some steps that can be followed for basic set-up of a Cisco switch. Of course there are more things you can configure (such as SNMP servers, NTP, AAA etc) but those depend on the requirements of each particular network.


  1. Shawki says

    I love your tutorials. Are you the writer of the book advertised on this page? If so would the book help with the Cisco examinations?

  2. Blog Admin says


    I’m glad you like my tutorials. Yes, I’m the writer of the book you see here (Cisco ASA Firewall Fundamentals). It will help you for the FIREWALL exam (CCNP Security) as a supplementary book but you will need more resources to pass the exam.

  3. friday ivan says

    what is the defferent between wr used to save configuration and copy run start, thanks i liked the configurations used. they are cool and understandable

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>