Skip to content

CISCO Switch setup

Basics

This page describes how to set up the minimum requirements for a CISCO switch to work with the ZEM platform. This setup is written to configure a Cisco Switch, with the factory default configuration, and prepare it for usage on the ZEM platform.

Requirements

  • Console access to a Switch via a serial cable.
  • Device in the same subnet with at least one of the Switch's interfaces (we'll configure the IP address of the interface later, but this is required for the Quick start guide).

How to set up console access is not covered in this guide, but can be likely be found in the documentation of the Switch vendor. After this setup, you should be able to connect a Switch to the ZEM platform using the Quick start guide and perform actions using the platform.

Getting started

When connected to the console of the Switch, you should see a prompt like this:

Switch>

We'll start by entering privileged EXEC mode. This is done by entering the command:

Switch>enable

We should now see this prompt, indicating we are in privileged EXEC mode:

Switch#

For the next step, we'll enter global configuration mode. This is done by entering the command:

Switch#configure terminal
(NOTE: This command can be abbreviated to conf t as well.)

We should now see this prompt, indicating we are in global configuration mode:

Switch(config)#

Creating a privileged ZEM user

For ZEM to be able to log in to the switch, we'll create a user with the privilege level of 15. This is done by entering the following commands from global configuration mode:

Replace <password> with a strong password of your choice.

Switch(config)#username admin privilege 15 secret <password>

If no response is received, the command was successful.

Configuring the management interface

The management interface is the interface that ZEM will use to connect to the Switch. This interface is usually a VLAN interface, but can also be a physical interface. In this example, we'll configure the management interface as a VLAN interface.

Replace <vlan> with the VLAN number you want to use for the management interface. Replace <ip> with the IP address you want to use for the management interface. Replace <mask> with the subnet mask you want to use for the management interface.

Switch(config)#interface vlan <vlan>
Switch(config-if)#ip address <ip> <mask>
Switch(config-if)#no shutdown
Switch(config-if)#exit

We'll also need to configure the interface to be in the correct VLAN. This is done by entering the following command:

Replace <interface> with the interface you want to use for the management interface.

Switch(config)#interface <interface>
Switch(config-if)#switchport access vlan <vlan>
Switch(config-if)#exit

For the purpose of this guide, the GigabitEthernet interface 1/0/10 will be used as the management interface. A full example configuration would look like this:

Switch(config)#interface vlan 10
Switch(config-if)#ip address 192.168.1.10 255.255.255.0
Switch(config-if)#no shutdown
Switch(config-if)#exit
Switch(config)#interface gigabitethernet 1/0/10
Switch(config-if)#switchport access vlan 10
Switch(config-if)#exit

We can now connect to the Switch port, assuming we are in the same subnet as the management interface. To test connectivity, we can use the ping command from your computer:

ping <ip>

In our case:

ping 192.168.1.10

If the ping is successful, we can continue with the next step.

Configuring SSH

SSH is the protocol that ZEM will use to connect to the Switch. We'll need to configure SSH on the Switch, generate the keys, and enable SSH access for our configured user. To configure SSH, the Switch needs a hostname and domain name. This is done by entering the following commands from global configuration mode:

Replace <hostname> with the hostname you want to use for the Switch. Replace <domain> with the domain name you want to use for the Switch.

Switch(config)#hostname <hostname>
Switch(config)#ip domain-name <domain>

These values are not important for ZEM, but are required for SSH to work. An example configuration would look like this:

Switch(config)#hostname SW1
Switch(config)#ip domain-name example.com

We can now generate the SSH keys. This is done by entering the following command from global configuration mode:

Switch(config)#crypto key generate rsa

This will generate the SSH keys. The Switch will ask for the key size. The default key size is 1024 bits, which is sufficient for most use cases. If you want to use a larger key size, you can enter a value between 512 and 2048. We'll use the default value of 1024 bits for this example, so we'll just press enter.

We can now enable SSH access for our configured user. This is done by entering the following command from global configuration mode:

Switch(config)#ip ssh version 2
Switch(config)#line vty 0 15
Switch(config-line)#transport input ssh
Switch(config-line)#login local
Switch(config-line)#privilege level 15
Switch(config-line)#end

This is the minimum configuration required for SSH to work. Let's test if SSH is working, by using the SSH client of your choice. In this example, we'll use the SSH client ssh from the command line. Replace <ip> with the IP address of the management interface. 

ssh admin@<ip>

In our case: 

ssh admin@192.168.1.10

If the SSH connection is successful, you should be prompted for the password you configured earlier. When you enter the password, you should see the following prompt (if the SSH connection was successful):

SW1>

Other configurations

No enable secret and/or password

ZEM requires the Switch to NOT have an enable secret and/or password. Assuming we're still in privileged EXEC mode, we can disable the enable secret and/or password by entering the following commands:

Switch#configure terminal
Switch(config)#no enable secret
Switch(config)#no enable password
Switch(config)#exit

SNMP community

We'll also need to configure SNMP on the Switch. This is done by entering the following commands from global configuration mode: Replace <community> with the SNMP community string you want to use for the Switch.

NOTE: This will need to match the SNMP community string configured in ZEM. This can also be generated by the form when adding the Switch in ZEM, in which case you can use the generated string here.

Switch#configure terminal
Switch(config)#snmp-server community <community>
Switch(config)#exit

Saving our configuration

To save our configuration, we can use the following command:

Switch#write

OR from global configuration mode:

Switch(config)#do write

This will save the configuration to the startup configuration file, so it will be loaded on the next reboot. We're now done with the basic configuration of the Switch, and we can continue with the Quick start guide.