Comprehensive guides for configuring and managing Cisco IOS devices including switches, routers, and network security.

Overview

This section covers configuration, management, and troubleshooting of Cisco network devices running IOS and IOS-XE software.

Quick Navigation

Device Configuration

• Initial Device Setup - First-time configuration
• Basic Switch Configuration
• SSH Configuration

VLANs

• VLAN Creation and Management
• Trunk Configuration
• Inter-VLAN Routing

Network Services

• DHCP Server Configuration
• NAT/PAT Configuration
• Quality of Service (QoS)

Security

• Port Security
• Access Control Lists (ACLs)
• AAA Configuration

Getting Started

Prerequisites

• Physical or virtual access to Cisco IOS device
• Console cable or network connectivity
• Terminal emulation software (PuTTY, SecureCRT, etc.)
• Basic understanding of networking concepts

Console Connection Settings

Parameter	Value
Baud Rate	9600
Data Bits	8
Stop Bits	1
Parity	None
Flow Control	None

Common Device Types

Device Type	Primary Function	Common Models
Switches	Layer 2/3 switching	Catalyst 2960, 3560, 3750, 9300
Routers	WAN connectivity, routing	ISR 4000, ASR 1000, CSR 1000v
Firewalls	Security, traffic filtering	ASA 5500-X, Firepower
Wireless Controllers	Wireless management	WLC 5520, 9800 series

Configuration Guides

Initial Device Configuration

Complete guide to setting up a new Cisco device from first boot to production-ready:

• Entering privileged mode
• Hostname and domain configuration
• Password security
• Console and VTY access
• SSH configuration
• Management interface setup

VLAN Configuration

Comprehensive VLAN implementation for Cisco switches:

• Creating and naming VLANs
• Assigning ports to VLANs
• Trunk port configuration
• Inter-VLAN routing (Router-on-a-stick and Layer 3 switching)
• VLAN security best practices

Network Services

Configure essential network services:

• DHCP pools and reservations
• DNS server configuration
• NAT/PAT for internet connectivity
• NTP time synchronization

Security Configuration

Implement security best practices:

• Port security with MAC address limits
• Access Control Lists (standard and extended)
• SSH secure access
• AAA authentication
• Password encryption

Command Reference

Essential Commands

! Enter privileged EXEC mode
enable

! Enter global configuration mode
configure terminal

! Save configuration
copy running-config startup-config
write memory

! Show running configuration
show running-config

! Show specific configuration
show running-config interface GigabitEthernet0/1

! Show interface status
show ip interface brief
show interfaces status

! Show VLAN information
show vlan brief
show interfaces trunk

! Show routing table
show ip route

! Show MAC address table
show mac address-table

Verification Commands

! Verify connectivity
ping 8.8.8.8
traceroute 8.8.8.8

! Show device information
show version
show inventory
show environment

! Show interface statistics
show interfaces GigabitEthernet0/1
show interfaces GigabitEthernet0/1 switchport

! Show CDP neighbors
show cdp neighbors detail

! Show LLDP neighbors
show lldp neighbors detail

Best Practices

Configuration Management

• Always save configurations: copy run start
• Document all changes
• Use descriptive interface descriptions
• Maintain configuration backups
• Version control configuration files

Security Hardening

• Disable unused interfaces
• Use strong passwords (enable secret vs enable password)
• Enable SSH, disable Telnet
• Configure port security on access ports
• Implement ACLs for traffic filtering
• Use AAA for authentication

Performance Optimization

• Enable spanning-tree portfast on access ports
• Configure appropriate QoS policies
• Use VLANs for traffic segmentation
• Implement proper routing protocols
• Monitor interface utilization

Troubleshooting

Common Issues

Problem	Verification Command	Common Cause
No connectivity	show ip interface brief	Interface down or wrong IP
VLAN issues	show vlan brief	Port not in correct VLAN
Trunk not working	show interfaces trunk	VLAN not allowed on trunk
Routing problems	show ip route	Missing or incorrect route
Port security	show port-security interface	MAC address violation

Debug Commands

! Enable debugging (use with caution in production)
debug ip icmp
debug ip routing
debug spanning-tree events

! Disable all debugging
undebug all

! Show logging
show logging

Additional Resources

Cisco Documentation

• Cisco IOS Configuration Guides
• Cisco Command Reference
• Cisco Learning Network

Training and Certifications

• CCNA (Cisco Certified Network Associate)
• CCNP Enterprise (Professional level)
• DevNet Associate (Automation focused)

Related Topics

• Network Fundamentals - Core networking concepts
• Network Architecture - Enterprise design
• Automation - PowerShell automation framework
• Troubleshooting - Problem resolution