On the test I will configure the Foxgate S6208-S1 (R2.0) switch.
Connect to it through the console and go to configuration mode:
enable
config
Add user:
username NAME privilege 15 password 0 PASSWORD
Turn on telnet:
telnet-server enable
Turn on the web interface:
ip http server
authentication line web login local
We allow you to manage the switch only from the specified IPs:
authentication securityip 192.168.0.5
authentication securityip 172.16.99.99
Configure SNMP and allow connection only from the specified IPs:
snmp-server enable
snmp-server securityip 192.168.0.5
snmp-server securityip 172.16.99.99
snmp-server community ro 0 public
Turn on dhcp snooping, in the future we will block other people’s DHCP with it:
ip dhcp snooping enable
Specify the recovery time after detecting a loop on the port:
loopback-detection control-recovery timeout 300
Add VLAN for management (I have 207):
vlan 207
name core
exit
Add VLAN for users:
vlan 226
name local_smart
exit
Set up ports for users (226 vlan without tag):
Interface Ethernet1/1-8
switchport access vlan 226
loopback-detection control shutdown
ip dhcp snooping action blackhole recovery 60
Configure the uplink port (the Internet will come from it, all vlan with the tag):
Interface Ethernet1/9
switchport mode trunk
ip dhcp snooping trust
We will register the IP in the managed VLAN to connect to the switch remotely:
interface Vlan207
ip address 192.168.0.137 255.255.255.0
If necessary, we will set the gateway for the IP address that was registered above:
ip default-gateway 192.168.0.1
Set the time parameters:
sntp polltime 12400
sntp server x.x.x.x
clock timezone Kiev add 2 0
You can view information about the switch using the command:
show version
View configuration:
show running-config
We exit the configuration mode and save the configuration:
exit
write
See also my article:
Blocking DHCP servers on FoxGate switches