Skip to content

Lab 1: Setting Up a Cisco SG350X 24 Port SwitchΒΆ

Overview πŸ”ŽΒΆ

This lab guides you through the complete setup process of a Cisco SG350X 24 Port Switch using its web GUI. By the end of this lab, you'll have configured the switch, saved and backed up its configuration, and tested factory reset and restoration.

⚑ Before You Begin:

  • Access to the Cisco SG350X 24 Port Switch (SW01).

  • A PC to connect to the switch for accessing the web GUI.

  • A USB or PC to save and restore configuration files to and from.

1. Initial Setup - NIC Configuration and Reset βš™οΈΒΆ

In most environments you will have a DHCP server (firewall or DC typically) that hands out IP addresses when a device plugs into the network. Without one, we'll have to assign our own IP address. Cisco switches have a default IP address of 192.168.1.254 so we need to ensure our new IP is in the same subnet so that we can communicate.

On Windows 11 you can update your NIC by going to Settings > Network & Internet > Advanced Network Settings then expand your built-in Ethernet adapter and edit the IPv4 Properties.

  • Set your NIC IP to 192.168.1.100 and ensure the subnet mask is 255.255.255.0 and save.

Tip

If you are also plugged into a docking station, then please temporarily disable your additional Ethernet Adapter(s) so that traffic doesn't get mistakenly routed through them. You can re-enable them at the end of the lab.

NIC Adapter Settings

Note

Because we're plugged directly into the switch we can communicate on the Layer 2 (L2) network, therefore we do not need a router, or default gateway, to route our network requests. We're going to be navigating Web GUIs directly by IP Addresses so we have no need for DNS servers either - We can leave both sections blank for this lab!

2. Connect to the Switch πŸ”„ΒΆ

  • Ethernet Connection: Connect your computer to the Cisco SG350X 24 Port Switch via an Ethernet cable into port GE12 (top-right).
  • Access the Switch: Open a browser and visit 192.168.1.254.
  • Login: Use the default credentials: (cisco / cisco) πŸ”‘.
  • Change Password: Please update the password to something a bit more secure, such as $ecureLab!.

⚠️ Usernames and passwords are case sensitive, so be careful what you type!

Oops! No access? 😬

If you can’t get in, perform a factory reset! Here’s how:

Use a paperclip or another object to carefully press and hold the reset button on the front of the switch for 15-20 seconds, then release. For more help, check out the Cisco Reset Guide.

3. Add User and Update Settings πŸ§‘β€πŸ’»ΒΆ

Add User:

  • Go to Administration > User Accounts > Add.
  • Create a user with these details:
    • Username: nie
    • Password: $ecureLab!
    • Level: 15
  • Note: Make sure the user has full administrative rights (Level 15) to make all necessary configuration changes. πŸ› οΈ

System Settings:

  • Go to Administration > System Settings.
  • Set the System Location to 5400 Patton Dr. STE 4a, Lisle, Illinois 60532.
  • Set the Contact to support@networkiteasy.com.
  • Change the Host Name to User Defined and give it a new name: SW01
  • Set a Login Banner and Welcome Banner (you can use the same text): NIE 24-Port Cisco Lab Switch.
  • Click Apply.

Time Settings:

  • Go to Administration > Time Settings > System Time.
  • Configure the time zone under Manual Settings by using the Click Here button to import from your computer.
  • Click Apply.

Why not use SNTP?

In most cases it would probably make sense to configure SNTP servers for keeping time up-to-date. This allows the switch to check in with public servers whose sole purpose is keeping track of time. In this lab we won't have an outside Internet connection to reach the public servers, but be sure to try this out in future labs.

4. Save Configuration πŸ’ΎΒΆ

πŸ”‘ Saving Changes in the Web GUI

To ensure your changes are preserved after a reboot, you must save the running configuration to the startup configuration. Along the top of the Web GUI you’ll notice a flashing Save Icon (πŸ’Ύ) prominently displayed. Clicking this icon copies your current running configuration to NVRAM, effectively committing the changes as the new startup configuration.

πŸ’‘Bailout Strategy: If a configuration change may cause an issue, restarting the switch without saving allows it to revert to the last saved startup configuration, effectively bailing you out. This can be used in some scenarios to your benefit if planned accordingly!

πŸ› οΈ Running and Startup Configurations with Cisco Switches

When working with Cisco switches, understanding the distinction between running and startup configurations is critical for managing and preserving network settings effectively.

πŸ”„ The running configuration refers to the current settings actively applied to the switch. Any changes you makeβ€”whether via CLI or the Web GUIβ€”are reflected here immediately. However, these changes are temporary and exist only in the switch’s RAM. If the switch is restarted or powered off, the running configuration is erased.

πŸ’Ύ The startup configuration is the saved version of your settings stored in NVRAM (non-volatile memory). This configuration persists across reboots and is loaded automatically when the switch powers on.

5. Firmware Upgrade πŸ”§ΒΆ

  • Search for the latest firmware version for your Cisco switch on Google or use the firmware provided in the lab files. Be sure to download firmware from Cisco's website only.
  • Navigate to Administration > File Management > Firmware Operations.
  • Click Update Firmware, browse to the folder containing the firmware on your PC and apply the upgrade. If you are using a USB, then it needs to be on the root of the drive. πŸš€

πŸ“’NOTE: The switch may already be on the latest firmware, and that's fine! For the purposes of this lab, you can still "upgrade" the firmware to the same version so that you can see the process.

6. Configure IP Address 🌍¢

  • Navigate to IP Configuration > IPv4 Management and Interfaces > IPv4 Interface.

  • Add the new Static IP address and Apply the details below:

    • IP Address: 192.168.10.2
    • Network Mask: 255.255.255.0

  • Click OK through the popup. The switch will now lose connection as it updates to the new IP address.

  • Update your NIC adapter settings to a compatible address within the same subnet (e.g., 192.168.10.100).

  • Re-navigate to the switch's new IP (192.168.10.2) and log in again.

  • Save Config: Don’t forget to save your changes! πŸ’Ύ

7. Name Critical Interfaces πŸ”ŒΒΆ

But do we have to?

I'm sure you've worked a ticket before where you really wished someone labeled which port some critical device was plugged into.

Take a few minutes now to get these critical ports updated with a brief description. It'll make your life easier later on, or better yet, maybe you'll save your teammates day in the future!⭐ Our lab doesn't have much, but good examples would be: descriptive message about uplinks between infrastructure (firewalls, access points, switches, servers, printers, UPS), specific phones like 'reception', or any unique and customer-specific infrastructure that would be cause for an emergency if it went down on a weekend.

  • Go to Port Management > Port Settings.
  • Click the radio button for GE1 and scroll down to the bottom of the page then select edit.
  • Set the Description to NIE-LAB-T45-PAX8 and click Apply.

  • You can switch ports from within the window by selecting them in the Port dropdown at the top. Update and Apply the descriptions for each of the remaining ports below:

    • GE2: AP01.
    • GE3: DC01.
    • GE24: SW02.

  • Click Close when the critical ports have all been renamed. πŸ”§

8. Add VLANs πŸ–§ΒΆ

Navigate to VLAN Management > VLAN Settings > Add.

For each VLAN, enter the following configuration:

VLAN Name VLAN ID
LAN 1
SECURITY 20
VOIP 30
GUEST 40

Click Apply and save the configuration. πŸ’Ύ

VLAN 1 is configured by default.

9. Auto Voice VLAN and Smartport ☎️¢

  • Navigate to VLAN Management > Voice VLAN > Properties.
  • Set the Voice VLAN ID to 30 and click Apply and OK.
  • Go to Smartport > Properties.
  • Set Smartport to enabled by Auto Voice VLAN.

10. Access vs Trunk Ports 🌐¢

What's the difference between the two?πŸ’‘

  • Access Ports: Used for devices that only need to communicate with a single VLAN or network. Common use cases would be workstations that only need to communicate on the main LAN, or security cameras that should only be accessible on the security VLAN. Most ports should be configured to Access typically unless needed otherwise.

  • Trunk Ports: Configuring trunk ports allows the connected device to communicate with multiple VLANs. This is used for linking infrastrucutre together such as switches, access points, etc. For example, when linking switches together, they typically need to be made aware of all possible VLANs so you'd need to configure a Trunk port on each switch.

    Another common Trunk example is when customers have Voice VLANs and PBX servers - you can leverage a trunk port so that the physical VoIP phone or handset can be plugged into the main Voice VLAN, but can tag the Lan VLAN on the switchport as well so that the phone can passthru the main Lan connection to a PC for it to communicate.

  • Navigate to VLAN Management > Interface Settings.
  • Select the following interfaces and edit them to Trunk and Apply:
    • GE1: NIE-LAB-T45-PAX8.
    • GE2: AP01.
    • GE24: SW02.

11. Tagging VLANs 🏷️¢

These can be hard to keep straight!

Untagged / Native VLAN: You will hear these terms often used interchangeably. The untagged, or native VLAN, dictates what network the device will be assigned to.

Tagged VLANs: In cases where a port is configured as a Trunk port, you can tag additional VLANs that the port needs to communicate with. The device will be assigned to the untagged/native VLAN, but can communicate with other VLANs that have been tagged.

In the above example of linking switches together, you would configure the Untagged/Native VLAN to 1 so that it's accessible on the main LAN, but then tag all other VLANs so that it can "passthru" the other networks between switches.

  • Navigate to VLAN Management > Port VLAN Membership.
  • Select GE2 AP01 and click Join VLAN
    • Set to User Defined and only tag the GUEST (40).
    • Apply your changes and close the window.
  • Save Config: Make sure all your changes are saved! πŸ’Ύ

12. Backup Configuration πŸ”ΒΆ

  • Navigate to Administration > File Management > File Operations.
  • Select Backup File.
  • Choose Running Config (save your configuration if you didn't already do it!).
  • Select HTTP/HTTPS or USB to download the backup file:
    • If using HTTP/HTTPS, the file will download directly to your PC via your browser.
    • If using USB, ensure a USB drive is inserted into the switch. It will save to the root of the USB.
  • Encrypt Sensitive Data: Always check the option to encrypt the configuration file to keep it secure. πŸ”’

πŸ“’Name your backup file!
Rename it to someting useful such as cisco_config_baseline.txt. We will add onto this configuration in the next lab, but this is a great baseline to restore and get started at any point!.

13. Reset the Switch and Restore Config πŸ”„ΒΆ

Reset to Factory Defaults

  • Navigate to Administration > Reboot.
  • Choose Immediate and select Restore to Factory Defaults. Click Reboot and OK.

Tip

⏰ This process will take about 5 minutes while the switch reloads the factory defaults. At that time, the master and number 1 light on the switch should be solid green, and the system light will flash continuously. Please continue with the next steps in the meantime so that your computer can connect to the switch once it's finished.

If you have been waiting for longer than 5-10 minutes, please review the prior steps carefully to ensure you completed them correctly. You can restart the switch and try to access it on either IP we've been using in this lab, but your NIC will need to be configured for the proper network.


Restore the Configuration

  • Reset your NIC Adapter to something like 192.168.1.100 and reconnect to the switch at the default IP 192.168.1.254.
  • Log in using the default credentials (cisco/cisco).
  • Configure a temporary new password to complete the login.
  • Navigate to Administration > File Management > File Operations.
  • Choose Update File and upload your saved config file to the Running Configuration. Hit Apply.

Connection Lost . . . πŸ€–

Because you're updating to the running configuration, it will instantly switch to the IP stored in the config file. That means you're disconnected and need to update your NIC again. 😊


Reconnect to the Switch

  • Set the NIC to 192.168.10.100 and reconnect to the switch at 192.168.10.2. You should notice your Welcome Message is configured if successful.

You can poke around and confirm all your settings have been restored exactly as they were.

Food for Thought

This exercise helps highlight how important backups are. Imagine a scenario where a switch fails and you have to replace it with a temporary one from stock. Having a recent backup file to restore from can save you hours (or days πŸ˜…) in that situation.

A quick swap of the hardware, set a static IP on your laptop, plug in, restore, save config - done in 20!.

14. Reset for Future Labs πŸ”„ΒΆ

  • Navigate to Administration > Reboot.
  • Select Immediate and Restore to Factory Defaults. Click Reboot.
  • Reset your NIC adapter to DHCP for IPv4.
  • Your lab is now ready for the next user! πŸŽ‰

The Bigger Picture 🌐

This lab provided foundational skills for managing Cisco switches, but the techniques you’ve learned here apply across various network devices and scenarios from simple setups to complex enterprise environments.

Next Steps πŸš€ΒΆ

  • Explore the GUI and practice restoring configurations to reinforce your troubleshooting skills.
  • Experiment with SNTP time settings and other advanced features to enhance your understanding of its capabilities.
  • Document the steps you’ve taken for future reference, ensuring that you can replicate and troubleshoot as needed.
  • Move on to the next Lab once you're ready.

By developing strong habits and staying consistent, you’ll be well-equipped to tackle real-world networking challenges in no time!

Happy networking! 🌟