Configuring a Router

From Mycomputer Notes

Revision as of 22:11, 28 April 2006 by 64.86.141.133 (Talk)

All CLI configuration changes to a Cisco router are made from global configuration mode, which is sometimes called global config. Global config is the primary configuration mode.


Contents

Configuring a Router

A router should be given a unique name as one of the first configuration tasks In order to accomplished this go to the global configuration mode with the following command:

Router(config)#hostname Tokyo Tokyo(config)#


Configuring router passwords

As a best practive restrict access to routers with a password. Passwords should always be configured for virtual terminal (vty) lines and the console line. Passwords are also used to control access to privileged EXEC mode so that only authorized users may make changes to the configuration file.


Console Password

Router(Config)# line console 0
Router(Config)# password cisco
Router(Config)# login

Virtual Terminal Password

Router(Config)# line vty 0 4 (when configuring telenet sessions)
Router(Config)# password cisco
Router(Config)# login

Enable Password

Router(Config)# enable password SanFranciso
Router(Config)# service password-encryption (to encrypt non  encrypted passwords)

The enable password used to restrict access to the privileged EXEC mode IF the enable secret has not been set.

Sometimes it is undesirable for passwords to be shown in clear text in the output from the show running-config or show startup-config commands and a a best practice we should used the "service password-encryption" command


Password encryption

Router(Config)# enable secret <password> (encrypted password)

The enable secret commands is used to restrict access to the privileged EXEC mode The enable secret command should be used because the enable secret command is encrypted

Configuring Serial & Ethernet Interfaces

To configure a Serial Interface either from the console or through a virtual terminal line follow these steps:

  1. Enter global configuration mode
  2. Enter interface mode.
  3. Specify the interface address and subnet mask.
  4. Set clock rate if a DCE cable is connected. Skip this step if a DTE cable is connected.
  5. Turn on the interface.


The variable "TYPE" here is for serial, ethernet, fasethernet, token ring and others.

Router(Config)# interface type port
Router(Config)# interface type slot/port

Each Interface that has been configured with the above commands needs an IP Address and a Subnet mask. Configure the IP address with the following commands:

Router(config)#interface serial 0/0 
Router(config-if)#ip address <ip address > <netmask > 

Serial interfaces require a clock signal to control the timing of the communications in most cases a DCE device such as a CSU/DSU will provide the clock. By default, Cisco routers are DTE devices but they can be configured as DCE devices.

The clock is enabled and speed is specified with the clock rate command. Available clock rates are:

  • 1200
  • 2400
  • 9600
  • 19200
  • 38400
  • 56000
  • 64000
  • 72000

Some bit rates might not be available on certain serial interfaces. This depends on the capacity of each interface.

This commands is used to administratively turn off/on an interface Command A will administratively turn off an interface Command A will administratively turn on an interface

A) Router(Config)#shutdown
B) Router(Config)# no shutdown

By default, interfaces are turned off, or disabled. To turn on or enable an interface, the command no shutdown is entered. If an interface needs to be administratively disabled for maintenance or troubleshooting, the shutdown command used to turn off the interface.

The commands that are used to set a clock rate and enable a serial interface are as follows:

Router(config)#interface serial 0/0 
Router(config-if)#clock rate 56000 
Router(config-if)#no shutdown

To configure a Ethernet Interface either from the console or through a virtual terminal line follow these steps:

  1. Enter global configuration mode.
  2. Enter interface configuration mode.
  3. Specify the interface address and subnet mask.
  4. Enable the interface.

Finishing the Configuration

Best Practice procedures when finalyzing a router's configuration.

  • Established configuration standards. The standards procedures should be official and widely used by everyone to avoid chaos if there is a network failure.
  • Provide and configured interface descriptions. Description should be used to identify important information(ie. distant router, circuit number, network segment). The description is solely as a comment about the interface, the description does not affect the operation of the router.
Router(Config)# interface ethernet 0 
Router(Config)# description Engineering LAN Bldg 18
  • Configure login banners. A login banner should warn users not to attempt login unless they are authorized. A message such as “This is a secure system, authorized access only!” informs unwanted visitors that any further intrusion is illegal.
  • Configuring a message of the day (MOTD) banner Follow these steps to create and display a message-of-the-day:
Router(config)#banner motd % M-E-S-S-A-GE.%
CTRL Z (to exit global configuration)
Router# copy running-config start-up config
  • Performing host name resolution. Host name resolution is the process that a computer system uses to associate a host name with an IP address. A list of host names and their associated IP addresses is called a host table. The following is an example of the configuration of a host table on a router:
Router (config) # ip host Auckland    172.16.32.1
Router (config) # ip host Beirut      192.168.53.1
Router (config) # ip host Capetown    192.168.89.1
Router (config) # ip host Denver      10.202.8.1
  • Performing configuration backup and documentation.
Personal tools