Switch cheet sheet

First you will need minicom to connect to the switch’s console,
install minicom on your laptop:

$apt-get install minicom / yum install minicom

After that configure your minicom:

$sudo su – (you need root privilege to use minicom)
$minicom -s

– Serial Port Setup -> Serial Device (check dmesg which USB connected to, most likely it will be ttyUSB0) -> BPS (change to 9600)
– Save setup as dfl (save as default so next time you don’t need to configure again)

$minicom

You should be able to see the console mode now, by factory setting, there’s no password needed, just ‘enable’ and start configuring:

$en (enable)
$conf t (configure terminal)

If your switch is going to link multiple vlans together, you need to configure your uplink port to trunk port,
trunk port will encapsule the packet and pass whatever vlan id it has in its database.

$do show vlan (show if there’s any vlan configured already, other than the default vlan1,1002,1003,1004,1005)
$no vlan 999 (remove vlan 999 if its configured)

$vtp mode transparent (this will remove the vtp server client setup, making the switch compatible with our deployment)
$vlan 534 (add vlan id 534 to database)
$vlan 535 (add in the second vlan that used by this switch)
$interface Gi0/1 (let’s say this is your uplink port)
$switchport mode trunk
$end (exit back to configure terminal)
$interface range Fa0/1-10 (configure port1 to port 10 to vlan 534)
$switchport access vlan 534 (use access mode since only one vlan these ports will be connecting to)
$interface range Fa0/11-20 (configure port11 to port 20 to vlan 535)
$switchport access vlan 535
$end

The next step is to configure IP address to the switch itself, 14.102.148.11 is the IP assigned and this IP belongs to vlan 534
$interface vlan 534
$ip address 14.102.148.11 255.255.255.192
$ip default gateway 14.102.148.1
$end
$hostname aims-2fd26-sw01.ips1infra.net (just change the rack number and switch number)

Set the telnet username and password:
$username (username )privilege 15 password 0
$enable password abc123
$service password-encryption

$copy running-config startup-config (save the configuration)

To limit the bandwith:
$conf t
$interface Fa0/xx
$speed 10 (limit to 10mbps)
$storm-control unicast level pps 3k (limit packet per second)

Other commands cheat sheet:
=============================

remove the configuration to reset the switch back to factory default,please reboot after delete:
$delete flash:config.txt

reboot the switch:
$reload

shutdown a port:
$conf t
$interface Fa0/xx
$shut

activate a port:
$conf t
$interface Fa0/xx
$no shut

How to change en password:
$conf t
$no enable password
$enable password

How to limit IP address that able to access to the switch:
$ip access-list extended ACL_ALL
permit ip any any
$ip access-list extended MGT_FILTER
permit ip 116.0.102.0 0.0.0.255 any
permit ip 210.5.40.0 0.0.0.255 any
permit ip 202.190.197.0 0.0.0.255 any
permit ip 202.190.199.0 0.0.0.255 any
permit ip host 210.5.47.13 any
deny ip any any

check cable or port
show int fa0/38
** check CRC, if > 0 then got issue

or
show int summary