Chapter 2, which explains how to configure the CLI for an IP address and a Level 15 password in order to use the CVSM. The last section of the Immediate Solutions section will walk you through the CVSM Web Management screens on the 1900 series switch, looking at each screen individually and identifying the configuration changes that can be made from each screen.
Configuring the Switch with an IP Address and Setting the Default Web Administration Port
When a switch is first plugged in and finishes initializing, no IP address is configured. You do not have to configure an IP address, but having one in place will help you manage your switch.
Follow these steps to set an IP address and identify the TCP port to be used. (These steps assume that a password has been configured on the switch.)
1.From the Main Menu on your Catalyst 1900, select [N] for Network Management.
2.At the Network Management Console, select [I] for IP Configuration.
3.Verify your address; or, if you do not have one, enter one at this point. Here’s what you should see:
Catalyst 1900 − IP Configuration Ethernet Address: 00−B0−64−75−65−40
——————————−—————————— Settings ———————————————————
[I] IP address |
|
192.1.2.1 |
[S] Subnet mask |
|
255.255.255.0 |
[G] Default gateway |
0.0.0.0 |
|
[V] Management |
VLAN |
1 |
[M] IP address |
of DNS server 1 |
0.0.0.0 |
[N] IP address |
of DNS server 2 |
0.0.0.0 |
[D] Domain name |
|
|
[R] Use Routing Information Protocol |
Enabled |
|
—————————————————————— Actions ————————————————————
[P] Ping
[C] Clear cached DNS entries [X] Exit to previous menu Enter Selection:
4.Once your IP configuration is set, back out to the Network Management menu.
5.Select [H] for HTTP Server Configuration. Notice that the default port is port 80. To reduce intrusion possibilities, we suggest using another port.
Tip Keep in mind that although port 443 is a very common port for HTTP−encrypted transmissions, in this case it is only a port—it is not secured at all.
6.The HTTP server listens by default on TCP port 80 as seen here:
Catalyst 1900 |
− HTTP Server Configuration |
|
—————————— Settings ———————————————— |
||
[H] HTTP |
|
Enabled |
[P] HTTP |
Port |
80 |
[X] Exit |
to previous menu |
|
Enter Selection: P
∙However, it can be configured to listen on any other user−defined port. Port 23 can’t be used because it is reserved for Telnet. To change the default port, select [P] from the HTTP Server Configuration menu. Here is an example of changing the default HTTP port:
Enter HTTP port (0 to 65535):
Current setting ===> 80
275
New setting ===> 1024
∙We have now changed the HTTP port to 1024. You should use a numbering scheme that your department or organization believes to be the best.
Related solutions: |
Found on page: |
Configuring an IP Address and Netmask |
57 |
Configuring Network Settings on the 1900 and 2820 |
456 |
Series |
|
Connecting to the Web Management Console
Now that your port is configured and HTTP is enabled, you can connect to the Web Management Console. From any browser or address bar, type the address of your switch and the corresponding port number. For this example, the port number is 1024, and the URL should look something like http://192.1.2.1:1024/.
Note You can connect by hostname and port (e.g. http://cat1900.xyz.com:1024/) if DNS is configured on your network. However, keep in mind that in times of network troubleshooting, it’s better to use native IP instead of DNS resolution.
Once you enter your URL, you’ll be prompted for an account and password. When you enter the password with no account specified, the switch will validate your password and redirect you to the Switch Manager Basic System Configuration Page shown in Figure 14.1.
Figure 14.1: The home page of the Web Management Console.
Take some time to get to know what the Switch Manager has to offer. Beginning from the top, from left to right, you have the following options:
Note |
This list covers only the options located at the top of the frame. The left frame remains the same |
|
throughout the CVSM session. |
∙HOME—The Basic System Configuration page and the page you are currently on.
∙PORT—The Port Management page. This page allows you to configure every aspect of a switch port—the port’s linkbeat, type of cast (uni− or multi−), congestion control, port name and/or description, and statistics. The page is shown in Figure 14.2.
276
Figure 14.2: This page allows you the ability to configure port speeds, view statistics, name the ports, and manage various switch modules if they have been inserted into the switch.
∙ADDRESS—The Address Table Management page. This page manages the Dynamic Address Table, the Permanent Unicast Address and Port Security Table, and the Multicast Address Table. Figure 14.3 shows an example.
Figure 14.3: From here you can view and manage dynamic addresses and unicast and multicast tables.
∙SNMP—The SNMP Management page. This page lets you manage and define where to send the SNMP information and who has read or write access to the SNMP information traps. Figure 14.4 shows this page.
277
Figure 14.4: This page allows you to configure the SNMP properties, such as the community settings, and identify the IP address for the trap messages to be sent to.
∙STP—The Spanning Tree Management page. This management page allows you to enable or disable STP on the specific switch ports, modify various Spanning Tree parameters, and configure STP. Among other things, you can set the path cost, priority, and port fast mode. For an example, see Figure 14.5.
Figure 14.5: This page gives you more details and options for configuring STP.
∙CDP—The CDP Management page. This page lists all the devices that have Cisco Discovery
Protocol (CDP) enabled. You can browse them, access them by Telnet, and retrieve further details on the selected device. Figure 14.6 shows an example.
278
Figure 14.6: The CDP Management page allows you to choose which ports you want defined for CDP.
∙SPAN—The SPAN Configuration and Port Monitoring page. Here you have the option of selecting the port to which you want to send the captured frames and the ports to be monitored. See Figure 14.7.
Figure 14.7: This page allows you to configure which ports to monitor and where they are monitored from.
∙CONSOLE—The Console and Upgrade Configuration page. As you can see in Figure 14.8, this page
is self explanatory. However, we wanted to bring to your attention the Accept Upgrade Transfer From Other Hosts option; it may be a vulnerability if you leave it selected.
279
Figure 14.8: This page allows you to manage the console and firmware upgrades.
Note Prior to a TFTP upgrade a dialog box will appear and say something like, “When you use this page to upgrade the switch, it may not respond for up to one minute. During this time do not unplug the switch.
This behavior is normal.” Once you click on OK, another dialog box will pop open and ask you, Do you wish to continue with the upgrade process?
∙STATISTICS—The Statistics Reports page. Here you can reset individual statistics or all statistics captured on each port. Figure 14.9 shows an example.
Figure 14.9: This page allows you to reset the individual ports or all ports on the switch. You can also view various receiving and forwarding information.
∙SYSTEM—The System Management and Broadcast Storm Control page. This page is very much like the Main Menu accessed via the console port. Options include IP configuration, Mask, Domain Name, Gateway, DNS 1 and 2, RIP, Switching mode, and so on. See Figure 14.10.
280