Answer: Switch Admin Config

By certskills December 20, 2011 19:19

The idea is straightforward all the way around – straightforward configuration requirements, and straightforward answers – no guile, no tricks, just a chance to exercise. The topic for this post: Mostly passwords, and generally doing administrative config on a pair of switches. Lab exercise requires in this earlier post; answers below the fold!

Answers: Switch Admin Config

The answers to this config VM piece mostly require that you exercise your memory. Most of the parameters on the individual commands require no analysis. The trickiest part may be remembering all the pieces of the SSH configuration on SW2.

The SSH configuration was requested in requirement #3 in the original post; I need to make a couple of comments about that particular requirement, as follows:

3) The requirements did not spell out the username/password pair to use, so any pair you made up is legal. I used fred/barney.

3) The requirements did not spell out what domain name to configure; any name you used is fine. I used

3) The default setting on the transport input command would work, but I added the transport input telnet ssh command as a reminder to think about it.

Examples 1 and 2 list the answers. The answers list the configuration in the same order that IOS would list it in the output of a show running-config command, rather than in the same order as the requirements listed in the original post. However, the answers list comments that reference the requirement number. Figure 1 repeats the figure for reference. Ask questions if you have them.

This is a relatively simple exercise, but especially for newbies, there’s nothing wrong with asking questions. Fire away. The next Config VM will build on this config and topology, so stay tuned!

Figure 1 – Lab Topology

Example 1: SW1 Config

Example 2: SW2 Config

Switch Admin Config
Switch IP Config
By certskills December 20, 2011 19:19
Write a comment


  1. HectorJ November 16, 19:26

    I’m a little bit concern about how literal questions of CCNA might be. For example in this lab, question 3 says “allow both telnet and SSH into the switch, with both a username and password”. Despite the fact that I know how to configure ssh (with the “crypto key” and the other stuff), for question’s requirement the answer would be “transport input ssh telnet” and “username fred password barney”; or “transport input all” and “username fred password barney”. Acording with the question text and the “CCENT/CCNA ICND1 100-105” book, even the “transport input…” would be unnecesary, because switches defaults for using both, telnet and ssh. I mean, ssh configuration was not explicitly asked. Do things like this would happen at CCNA exam? What shoul I do? Thanks on advance

    Reply to this comment
  2. CCENTSkills November 17, 10:41

    Two part answer:
    First, don’t let the content in this or any blog make you concerned about the Cisco exam. The exam questions follow a set of internal standards and pass a fairly lengthy review process. Blog posts typically don’t, and the content seldom follows a standard. EG, what’s here, myself (and others for me) wrote and edited the content, with different goals in mind. EG, in a blog post, if someone is confused, they can ask, and maybe I would change the post. So it’s a much different bit of content.

    That said, the other point is that you hit on an important point about understanding the meaning of what is written. You should pay close attention to wording, and have a good understanding of the technical terms.

    In this case, my goal is to get you to think about the configuration, not to make you get confused about wording. That is, the config is the star of the show with these config labs.

    Hope this helps…

    Reply to this comment
  3. Melinda March 3, 08:55

    Okay, here’s the configuration I did:

    SW1# configure terminal
    SW1(config)# line con 0
    SW1(config-line)# password fred
    SW1(config-line)# login
    SW1(config-line)# exit
    SW1(config)# line vty 0 15
    SW1(config-line)# transport input telnet
    SW1(config-line)# password sw1
    SW1(config-line)# login
    SW1(config-line)# exit
    SW1(config)# hostname Switch1
    Switch1(config)# enable secret sw1bad
    Switch1(config)# interface fa0/1
    Switch1(config-int)# description connected to PC1
    Switch1(config-int)# interface fa0/2
    Switch1(config-int)# description connected to PC2
    Switch1(config-int)# interface fa0/3
    Switch1(config-int)# description connected to PC3
    Switch1(config-int)# end
    Switch1# disable

    *Now go to the CLI for SW2

    SW2# configure terminal
    SW2(config)# line con 0
    SW2(config-line)# password fred
    SW2(config-line)# exit
    SW2(config)# ip domain-name
    SW2(config)# crypto key generate rsa
    SW2(config)# username sw2 password thisissw2
    SW2(config)# line vty 0 15
    SW2(config-line)# transport input telnet ssh
    SW2(config-line)# login local
    SW2(config-line)# exit
    SW2(config)# hostname Switch2
    Switch2(config)# enable secret sw2good
    Switch2(config)# interface fa0/4
    Switch2(config-int)# description connected to PC4
    Switch2(config-int)# interface fa0/5
    Switch2(config-int)# description connected to PC5
    Switch2(config-int)# interface fa0/6
    Switch2(config-int)# description connected to PC6
    Switch2(config-int)# end
    Switch2# disable

    Reply to this comment
  4. Lara August 7, 16:53

    When I use the “transport input telnet ssh” command, I get an “invalid input error.” However the “transport input all” command works fine. Any thoughts on the cause of this?

    Reply to this comment
    • certskills Author August 10, 13:01

      My first guess would be that you’re using a simulator rather than real gear, and that the simulator does not support the “transport input telnet ssh” command. I just tried in PT, and it supports one parameters, but not both ssh and telnet on the same command. (Real IOS support “transport input telnet ssh” with both.)
      Hope this helps,

      Reply to this comment
View comments

Write a comment

Comment; Identify w/ Social Media or Email


Subscribe to our mailing list and get interesting stuff and updates to your email inbox.

Thank you for subscribing.

Something went wrong.