Skip to main content
Cisco CCNA Prep – Complete Beginner to Intermediate Guide
CHAPTER 11 Intermediate

Configuring Cisco Routers and Switches

Updated: May 16, 2026
30 min read

# CHAPTER 11

Configuring Cisco Routers and Switches

1. Introduction

In the previous chapter, we learned how to navigate the Cisco IOS file system. Now, we will execute our first operational configurations. When you deploy a new Cisco device, it arrives from the factory with a blank slate: no name, no passwords, and all ports administratively disabled. If you do not lock it down, anyone with a console cable can seize control of the network. In this chapter, we will build the foundational security configuration required for every Cisco device. We will learn how to assign Hostnames, secure the device with encrypted passwords, and most importantly, dive into Interface Configuration mode to assign IP addresses and physically turn the router ports on.

2. Learning Objectives

By the end of this chapter, you will be able to:
  • Assign a unique Hostname to a Cisco device.
  • Secure the Privileged EXEC mode using the enable secret command.
  • Enter Interface Configuration mode.
  • Assign an IP address and Subnet Mask to a router interface.
  • Enable a router interface using the no shutdown command.
  • Differentiate between Router interface configuration and Switch Virtual Interface (SVI) configuration.

3. Step 1: Hostnames and Passwords

When you log into a factory-new router, the prompt simply says Router>. If you have 50 routers, this is a disaster. You must name it.

Configuring the Hostname:

bash
123 
enable
configure terminal
hostname NY-HQ-ROUTER-1

*The prompt instantly changes to NY-HQ-ROUTER-1(config)#.*

Securing the Admin Mode: Right now, anyone can type enable and get full admin access. We must lock it down.

bash
1 
enable secret Cisco123!

Now, when someone types enable, the router will stop and ask for the password. The word secret ensures the password is mathematically encrypted in the configuration file, so shoulder-surfers cannot read it.

4. Step 2: Configuring Router Interfaces (Layer 3)

A router's job is to route IP packets. Therefore, every physical port on a router MUST have an IP address. By default, all Cisco router ports are turned OFF.

Assigning an IP Address: Let's say we plug a cable into the Gigabit 0/0 port. We need to assign it the IP 192.168.1.1 and turn it on.

bash
12345678 
# Enter specific interface configuration mode
interface GigabitEthernet0/0

# Assign the IP and the Subnet Mask
ip address 192.168.1.1 255.255.255.0

# Turn the physical port ON
no shutdown

*You will immediately see a console message: %LINK-3-UPDOWN: Interface GigabitEthernet0/0, changed state to up.*

5. Step 3: Configuring Switch Interfaces (Layer 2)

Switch configuration is fundamentally different from Router configuration. A Layer 2 switch DOES NOT assign IP addresses to its physical ports. Its ports only care about MAC addresses (VLAN Access or Trunk ports).

Configuring an Access Port: Let's assign Port 5 on a switch to VLAN 10.

bash
123 
interface FastEthernet0/5
switchport mode access
switchport access vlan 10

Configuring the Switch IP (SVI): If the switch's physical ports don't have IP addresses, how do you SSH into the switch to manage it from home? You assign an IP address to a *Virtual* interface called an SVI (Switch Virtual Interface), usually on VLAN 1.

bash
123 
interface vlan 1
ip address 10.0.0.5 255.255.255.0
no shutdown

Now, you can ping 10.0.0.5 to reach the switch itself!

6. Verification and Troubleshooting

Always verify your work before logging off. Drop back to Privileged EXEC mode (#) and type: show ip interface brief

Look at the columns:

  • Interface: GigabitEthernet0/0
  • IP-Address: 192.168.1.1
  • Status: up (This means Layer 1 is good; the no shutdown worked).
  • Protocol: up (This means Layer 2 is good; the switch on the other end is talking).

If Status says administratively down, you forgot to type no shutdown.

7. Beginner-friendly Explanations

The "No" Command: In Cisco IOS, the word no is the universal delete button. If you type hostname R1 and want to delete it, type no hostname. If you type ip address 10.0.0.1 255.255.255.0 and realize it's a typo, do not just type a new one over it. Type no ip address to wipe it clean, then type the correct one. This is why we type no shutdown to turn a port on. The default state is "shutdown". We are telling the router: "Do NOT shut down."

8. Best Practices

  • Descriptions: A 48-port switch looks identical from the front. If a port goes down at 3 AM, you need to know what was plugged into it. Always add descriptions to your interfaces!
``bash interface GigabitEthernet0/0 description LINK-TO-MAIN-FIREWALL `

9. Common Mistakes

  • Applying Subnet Masks to Switches: A beginner tries to type ip address 192.168.1.5 255.255.255.0 directly onto a physical switch port (interface FastEthernet0/1). The switch throws an error. Remember: standard Layer 2 switch ports cannot hold IP addresses. You must apply the IP to the logical interface vlan 1 instead.

10. Mini Project: Build a Two-Device Network

In Cisco Packet Tracer:
  1. 1. Drag a Router and a PC onto the screen. Connect them with a cable to Gigabit0/0.
  1. 2. On the Router CLI, enter global config, assign Gigabit0/0 the IP 192.168.1.1 255.255.255.0, and type no shutdown.
  1. 3. Open the PC GUI configuration. Assign it the IP 192.168.1.10, subnet mask 255.255.255.0, and set its Default Gateway to 192.168.1.1 (The Router).
  1. 4. Open the PC command prompt and type ping 192.168.1.1. You should get replies! You have built a fully functional routed network.

11. Practice Exercises

  1. 1. What is the specific Cisco CLI syntax to secure Privileged EXEC mode with an encrypted password of "Admin99!"?
  1. 2. Explain why a network administrator must configure an IP address on interface vlan 1 (an SVI) on a Layer 2 switch, even though the switch forwards traffic using MAC addresses.

12. MCQs with Answers

Question 1

By default, all physical interfaces on a brand new Cisco router are placed in which state?

Question 2

Which command is used in interface configuration mode to activate a port and allow electrical signals to flow?

13. Interview Questions

  • Q: You configure a router interface with an IP address and connect it to a switch, but the show ip interface brief command shows the status as "up" and the protocol as "down." What Layer 2 issues could cause this?
  • Q: Explain the functional difference between the enable password command and the enable secret command in Cisco IOS security. Which one should always be used?
  • Q: Walk me through the exact CLI steps to change a switch port from a dynamic negotiation mode to a hardcoded Access Port assigned to VLAN 20.

14. FAQs

Q: Can I use a space in my Hostname? A: No. hostname NY Router will throw an error. You must use hyphens or underscores (e.g., hostname NY-Router).

15. Summary

In Chapter 11, we transitioned to active device management, laying the foundation for a secure and functional network. We secured our devices using Hostnames and the encrypted enable secret password. We successfully navigated down into Interface Configuration mode, contrasting the Layer 3 necessity of assigning IP addresses to Router ports against the Layer 2 logic of assigning Switch ports to VLANs. Finally, we learned the critical administrative commands no shutdown to activate physical hardware, and description` to document our architecture for future troubleshooting.

16. Next Chapter Recommendation

We have successfully configured cables and switches. But what happens when we cut the cord entirely? Proceed to Chapter 12: Wireless Networking Basics.

Finish this Chapter

Save your progress on your learning path and prepare for coding interview challenges.

Previous Chapter Cisco IOS and CLI Basics
Next Chapter Wireless Networking Basics

Discussion

Join the discussion

Log in or create a free account to participate.

Sort: ·

Explore More

📖 Related Tutorials 4

🗺️ Related Roadmaps 1