Configuring a Router
From Mycomputer Notes
(→Configuring Serial & Ethernet Interfaces) |
(→Configuring a Router) |
||
| (18 intermediate revisions not shown) | |||
| Line 7: | Line 7: | ||
In order to accomplished this go to the global configuration mode with the following command: | In order to accomplished this go to the global configuration mode with the following command: | ||
| - | Router(config)#hostname Tokyo | + | Router(config)#hostname Tokyo <BR> |
Tokyo(config)# | Tokyo(config)# | ||
| Line 48: | Line 48: | ||
==Configuring Serial & Ethernet Interfaces== | ==Configuring Serial & Ethernet Interfaces== | ||
| - | To configure a | + | To configure a '''Serial Interface''' either from the console or through a virtual terminal line follow these steps: |
#Enter global configuration mode | #Enter global configuration mode | ||
| Line 62: | Line 62: | ||
Router(Config)# interface type slot/port | Router(Config)# interface type slot/port | ||
| - | This commands is used to administratively turn off | + | Each Interface that has been configured with the above commands needs an IP Address and a Subnet mask. Configure the IP address with the following commands: |
| - | Router(Config)#shutdown | + | |
| + | Router(config)#interface serial 0/0 | ||
| + | Router(config-if)#ip address <ip address > <netmask > | ||
| + | |||
| + | Serial interfaces require a clock signal to control the timing of the communications in most cases a DCE device such as a CSU/DSU will provide the clock. By default, Cisco routers are DTE devices but they can be configured as DCE devices. | ||
| + | |||
| + | The clock is enabled and speed is specified with the clock rate command. Available clock rates are: | ||
| + | *1200 | ||
| + | *2400 | ||
| + | *9600 | ||
| + | *19200 | ||
| + | *38400 | ||
| + | *56000 | ||
| + | *64000 | ||
| + | *72000 | ||
| + | |||
| + | Some bit rates might not be available on certain serial interfaces. This depends on the capacity of each interface. | ||
| + | |||
| + | This commands is used to administratively turn off/on an interface | ||
| + | Command A will administratively turn off an interface | ||
| + | Command A will administratively turn on an interface | ||
| + | |||
| + | A) Router(Config)#shutdown | ||
| + | B) Router(Config)# no shutdown | ||
| + | |||
| + | By default, interfaces are turned off, or disabled. To turn on or enable an interface, the command no shutdown is entered. If an interface needs to be administratively disabled for maintenance or troubleshooting, the shutdown command used to turn off the interface. | ||
| + | |||
| + | The commands that are used to set a clock rate and enable a serial interface are as follows: | ||
| + | |||
| + | Router(config)#interface serial 0/0 | ||
| + | Router(config-if)#clock rate 56000 | ||
| + | Router(config-if)#no shutdown | ||
| + | |||
| + | To configure a '''Ethernet Interface''' either from the console or through a virtual terminal line follow these steps: | ||
| + | |||
| + | #Enter global configuration mode. | ||
| + | #Enter interface configuration mode. | ||
| + | #Specify the interface address and subnet mask. | ||
| + | #Enable the interface. | ||
| + | |||
| + | =Finishing the Configuration= | ||
| + | Best Practice procedures when finalyzing a router's configuration. | ||
| + | |||
| + | <UL> | ||
| + | <LI>Established configuration standards. The standards procedures should be official and widely used by everyone to avoid chaos if there is a network failure.</LI> | ||
| + | |||
| + | <LI>Provide and configured interface descriptions. Description should be used to identify important information(ie. distant router, circuit number, network segment). The description | ||
| + | is solely as a comment about the interface, the description does not affect the operation of | ||
| + | the router.</LI> | ||
| + | </UL> | ||
| + | |||
| + | Router(Config)# interface ethernet 0 | ||
| + | Router(Config)# description Engineering LAN Bldg 18 | ||
| + | |||
| + | *Configure login banners. A login banner should warn users not to attempt login unless they are authorized. A message such as “This is a secure system, authorized access only!” informs unwanted visitors that any further intrusion is illegal. | ||
| + | <UL> | ||
| + | <LI>Configuring a message of the day (MOTD) banner | ||
| + | Follow these steps to create and display a message-of-the-day: | ||
| + | </LI> </UL> | ||
| + | Router(config)#banner motd % M-E-S-S-A-GE.% | ||
| + | CTRL Z (to exit global configuration) | ||
| + | Router# copy running-config startup config | ||
| + | |||
| + | <UL> | ||
| + | <LI>Performing host name resolution. | ||
| + | Host name resolution is the process that a computer system uses to associate | ||
| + | a host name with an IP address. | ||
| + | A list of host names and their associated IP addresses is called a host table. | ||
| + | The following is an example of the configuration of a host table on a router: | ||
| + | </LI></UL> | ||
| + | |||
| + | Router (config) # ip host Auckland 172.16.32.1 | ||
| + | Router (config) # ip host Beirut 192.168.53.1 | ||
| + | Router (config) # ip host Capetown 192.168.89.1 | ||
| + | Router (config) # ip host Denver 10.202.8.1 | ||
| + | |||
| + | *Performing configuration backup and documentation. | ||
| + | |||
| + | The configuration of network devices determines how the network will behave. Management of device configuration includes the following tasks: | ||
| + | |||
| + | *List and compare configuration files on running devices. | ||
| + | *Store configuration files on network servers. | ||
| + | *Create a backup copies of configuration files. | ||
| + | *Perform software installations and upgrades. | ||
| + | |||
| + | Save de configuration files to one of the following: | ||
| + | #TFTP Server | ||
| + | #Network Server | ||
| + | #Disk in a safe place | ||
Current revision as of 21:57, 21 September 2006
All CLI configuration changes to a Cisco router are made from global configuration mode, which is sometimes called global config. Global config is the primary configuration mode.
Contents |
[edit] Configuring a Router
A router should be given a unique name as one of the first configuration tasks In order to accomplished this go to the global configuration mode with the following command:
Router(config)#hostname Tokyo
Tokyo(config)#
[edit] Configuring router passwords
As a best practive restrict access to routers with a password. Passwords should always be configured for virtual terminal (vty) lines and the console line. Passwords are also used to control access to privileged EXEC mode so that only authorized users may make changes to the configuration file.
[edit] Console Password
Router(Config)# line console 0 Router(Config)# password cisco Router(Config)# login
[edit] Virtual Terminal Password
Router(Config)# line vty 0 4 (when configuring telenet sessions) Router(Config)# password cisco Router(Config)# login
[edit] Enable Password
Router(Config)# enable password SanFranciso Router(Config)# service password-encryption (to encrypt non encrypted passwords)
The enable password used to restrict access to the privileged EXEC mode IF the enable secret has not been set.
Sometimes it is undesirable for passwords to be shown in clear text in the output from the show running-config or show startup-config commands and a a best practice we should used the "service password-encryption" command
[edit] Password encryption
Router(Config)# enable secret <password> (encrypted password)
The enable secret commands is used to restrict access to the privileged EXEC mode The enable secret command should be used because the enable secret command is encrypted
[edit] Configuring Serial & Ethernet Interfaces
To configure a Serial Interface either from the console or through a virtual terminal line follow these steps:
- Enter global configuration mode
- Enter interface mode.
- Specify the interface address and subnet mask.
- Set clock rate if a DCE cable is connected. Skip this step if a DTE cable is connected.
- Turn on the interface.
The variable "TYPE" here is for serial, ethernet, fasethernet, token ring and others.
Router(Config)# interface type port Router(Config)# interface type slot/port
Each Interface that has been configured with the above commands needs an IP Address and a Subnet mask. Configure the IP address with the following commands:
Router(config)#interface serial 0/0 Router(config-if)#ip address <ip address > <netmask >
Serial interfaces require a clock signal to control the timing of the communications in most cases a DCE device such as a CSU/DSU will provide the clock. By default, Cisco routers are DTE devices but they can be configured as DCE devices.
The clock is enabled and speed is specified with the clock rate command. Available clock rates are:
- 1200
- 2400
- 9600
- 19200
- 38400
- 56000
- 64000
- 72000
Some bit rates might not be available on certain serial interfaces. This depends on the capacity of each interface.
This commands is used to administratively turn off/on an interface Command A will administratively turn off an interface Command A will administratively turn on an interface
A) Router(Config)#shutdown B) Router(Config)# no shutdown
By default, interfaces are turned off, or disabled. To turn on or enable an interface, the command no shutdown is entered. If an interface needs to be administratively disabled for maintenance or troubleshooting, the shutdown command used to turn off the interface.
The commands that are used to set a clock rate and enable a serial interface are as follows:
Router(config)#interface serial 0/0 Router(config-if)#clock rate 56000 Router(config-if)#no shutdown
To configure a Ethernet Interface either from the console or through a virtual terminal line follow these steps:
- Enter global configuration mode.
- Enter interface configuration mode.
- Specify the interface address and subnet mask.
- Enable the interface.
[edit] Finishing the Configuration
Best Practice procedures when finalyzing a router's configuration.
- Established configuration standards. The standards procedures should be official and widely used by everyone to avoid chaos if there is a network failure.
- Provide and configured interface descriptions. Description should be used to identify important information(ie. distant router, circuit number, network segment). The description is solely as a comment about the interface, the description does not affect the operation of the router.
Router(Config)# interface ethernet 0 Router(Config)# description Engineering LAN Bldg 18
- Configure login banners. A login banner should warn users not to attempt login unless they are authorized. A message such as “This is a secure system, authorized access only!” informs unwanted visitors that any further intrusion is illegal.
- Configuring a message of the day (MOTD) banner Follow these steps to create and display a message-of-the-day:
Router(config)#banner motd % M-E-S-S-A-GE.% CTRL Z (to exit global configuration) Router# copy running-config startup config
- Performing host name resolution. Host name resolution is the process that a computer system uses to associate a host name with an IP address. A list of host names and their associated IP addresses is called a host table. The following is an example of the configuration of a host table on a router:
Router (config) # ip host Auckland 172.16.32.1 Router (config) # ip host Beirut 192.168.53.1 Router (config) # ip host Capetown 192.168.89.1 Router (config) # ip host Denver 10.202.8.1
- Performing configuration backup and documentation.
The configuration of network devices determines how the network will behave. Management of device configuration includes the following tasks:
- List and compare configuration files on running devices.
- Store configuration files on network servers.
- Create a backup copies of configuration files.
- Perform software installations and upgrades.
Save de configuration files to one of the following:
- TFTP Server
- Network Server
- Disk in a safe place
