Cisco Router Configuration Basics. Scalable Infrastructure Workshop

Similar documents
3.1 Connecting to a Router and Basic Configuration

Applicazioni Telematiche

Configuring a Router

Lab Review of Basic Router Configuration with RIP. Objective. Background / Preparation. General Configuration Tips

- Advanced IOS Functions -

Introduction to Cisco router configuration

Configuring a Cisco 2509-RJ Terminal Router

Basic Router and Switch Instructions (Cisco Devices)

- Basic Router Security -

Password Recovery Procedure for the Cisco 3600 and 3800 Series Routers

LAB THREE STATIC ROUTING

Password Recovery Procedure for the Cisco 806, 826, 827, 828, 831, 836, 837 and 881 Series Routers

Lab 5.3.9b Managing Router Configuration Files Using TFTP

Lab Introductory Lab 1 - Getting Started and Building Start.txt

Note: This case study utilizes Packet Tracer. Please see the Chapter 5 Packet Tracer file located in Supplemental Materials.

Angelos Stavrou. OF COURSE there is no Magic so lets see show things work in practice...

Basic Configuration of the Cisco Series Internet Router

Lab Load Balancing Across Multiple Paths Instructor Version 2500

Password Recovery Procedure for the Cisco Catalyst 2948G L3, 4840G, and 4908G L3 Switch Routers

LAB MANUAL for Computer Network

How to Configure Cisco 2600 Routers

Objectives Understand Cisco IOS system architecture components. Work with the Cisco IOS Command Line Interface (CLI) and common commands.

Lab 8.4.3b Managing Cisco IOS images with ROMMON and TFTP

Password Recovery Procedure for the Cisco 2900 Series Integrated Services Router

ENetwork Basic Configuration PT Practice SBA

Lab 3 Routing Information Protocol (RIPv1) on a Cisco Router Network

Lab 2 - Basic Router Configuration

Lab Load Balancing Across Multiple Paths

ROM Monitor. Entering the ROM Monitor APPENDIX

LAB Configuring NAT. Objective. Background/Preparation

Cisco Router Configuration Tutorial

Lab Introductory Lab 1 Getting Started and Building Start.txt

Objectives. Router as a Computer. Router components and their functions. Router components and their functions

Procedure: You can find the problem sheet on Drive D: of the lab PCs. Part 1: Router & Switch

Lab: Basic Router Configuration

Skills Assessment Student Training Exam

Router Lab Reference Guide

ICND1 Lab Guide Interconnecting Cisco Networking Devices Part 1 Version 2.0. Labs powered by

IPv6 for Cisco IOS Software, File 2 of 3: Configuring

Using Cisco IOS Software

Connect the Host to attach to Fast Ethernet switch port Fa0/2. Configure the host as shown in the topology diagram above.

Basic Software Configuration Using the Cisco IOS Command-Line Interface

Lab 8.4.3a Managing Cisco IOS Images with TFTP

Configuring the Switch with the CLI Setup Program

Configuring System Message Logging

How To Configure A Cisco Router With A Cio Router


Lab Creating a Network Map using CDP Instructor Version 2500

CISCO CATALYST 3550 Series Switches

Configuring the Switch with the CLI-Based Setup Program

CCNA 2 Chapter 5. Managing Cisco IOS Software

LAB II: Securing The Data Path and Routing Infrastructure

Lab Advanced Telnet Operations

Document ID: Introduction

GLBP - Gateway Load Balancing Protocol

Introduction to Routing and Packet Forwarding. Routing Protocols and Concepts Chapter 1

Comware versus Cisco IOS Command Guide

NetFlow Subinterface Support

CHAPTER 3 STATIC ROUTING

The Purpose and Use of the Configuration Register on All Cisco Routers

[HOW TO RECOVER AN INFINITI/EVOLUTION MODEM IDX ] 1

Configuring the MNLB Forwarding Agent

CCNA Exploration 4.0: (II) Routing Protocols and Concepts. Chapter 1: Introduction to Routing and Packet Forwarding

CCNA Exploration Routing Protocols and Concepts Student Lab Manual

Lab Configuring PAT with SDM and Static NAT using Cisco IOS Commands

APNIC Members Training Course Security workshop. 2-4 July, Port Vila Vanuatu. In conjunction with PACNOG 4

Chapter 3 Configuring Basic IPv6 Connectivity

Lab Configuring Basic Router Settings with the Cisco IOS CLI

Chapter 8 Lab B: Configuring a Remote Access VPN Server and Client

Telnet, Console and AUX Port Passwords on Cisco Routers Configuration Example

Table of Contents. Cisco How to Download a Software Image to a Cisco 2600 via TFTP Using the tftpdnld ROMmon Command

Table of Contents. Cisco How to Download a Software Image to a Cisco 2600 through TFTP Using the tftpdnld ROMmon Command

Lab 8.3.3b Configuring a Remote Router Using SSH

Course "Netzwerke" LAB 2 Basic Router Configuration

Central America Workshop - Guatemala City Guatemala 30 January - 1 February 07. IPv6 Router s Configuration

Terminal Server Configuration and Reference Errata

Cisco Configuration Professional Quick Start Guide

Backing Up and Restoring Data

Connecting to the Firewall Services Module and Managing the Configuration

How To Install Cisco Asr 9000 Series Router Software On A Mini Mini Mini (Cisco Ios) Router

Lab Configuring Basic Router Settings with the Cisco IOS CLI

Configuring Basic Settings

Backup and Recovery Procedures

Brocade to Cisco Comparisons

Chapter 2 Using the Command Line Interface

Lab Configuring Syslog and NTP (Instructor Version)

Administering the Network Analysis Module. Cisco IOS Software. Logging In to the NAM with Cisco IOS Software CHAPTER

How Do I Upgrade Firmware and Save Configurations on PowerConnect Switches?

File Transfers. Contents

USB Disable for Cisco ISRs Feature Module

Using the Command Line Interface (CLI)

How To Set Up A Netvanta For A Pc Or Ipad (Netvanta) With A Network Card (Netvina) With An Ipa (Net Vanta) And A Ppl (Netvi) (Netva)

Configuring Basic Settings

Objectives. Background. Required Resources. CCNA Security

The Cisco IOS Firewall feature set is supported on the following platforms: Cisco 2600 series Cisco 3600 series

Lab Exercise Configure the PIX Firewall and a Cisco Router

Debugging Network Communications. 1 Check the Network Cabling

Lab Configuring DHCP with SDM and the Cisco IOS CLI

During this lab time you will configure the routing protocol OSPF with IPv4 addresses.

Transcription:

Cisco Router Configuration Basics Scalable Infrastructure Workshop

Router Components p RAM n Holds operating system, data structures, packet buffers, ARP cache, and routing tables n Reset on reload n Router s running-config is stored in RAM p Flash n Holds the IOS n Is not erased when the router is reloaded p NVRAM n Non-Volatile RAM - stores router s startup-config n Is not erased when router is reloaded

Router Components p Configuration Register n controls how router boots; n value can be seen with show version command; n is normally 0x2102, which tells the router to load the IOS from flash memory and the startup-config file from NVRAM n 0x2142, tells the router to ignore the NVRAM configuration when rebooting n Leading 0x means hexadecimal

Purpose of the Config Register p Reasons why you would want to modify the config-register: n Force the router into ROM Monitor Mode (recovery mode) n Select a boot source and default boot filename n Enable/Disable the Break function n Control broadcast addresses n Set console terminal baud rate n Load operating software from ROM

Configuration Overview p Router configuration controls the operation of the router s: n Interface IP address and netmask n Routing information (static, dynamic or default) n Boot and startup information n Security (passwords and authentication)

Where is the Configuration? p Router always has two configurations: n Running configuration p In RAM, determines how the router is currently operating p Is modified using the configure command p To see it: show running-config n Startup confguration p In NVRAM, determines how the router will operate after next reload p Is modified using the copy command p To see it: show startup-config

Where is the Configuration? p Can also be stored in more permanent places: n External hosts, using TFTP, FTP, SCP, etc n In flash memory in the router p Copy command is used to move it around copy run start copy run tftp copy start tftp copy tftp start copy flash start copy start flash

Router Access Modes p User mode limited access to router no configuration rights n Router> p Privileged EXEC mode detailed access and full configuration of the router, debugging, testing, file manipulation (router prompt changes to an octothorpe) n Router# p ROM Monitor useful for password recovery (amongst others) p Setup Mode entered when router has no startup-config file

External Configuration Sources p Console n Direct PC serial access p Auxiliary port n Modem access p Virtual terminals n Telnet/SSH access p TFTP Server n Copy configuration file into router RAM p Network Management Software n e.g., CiscoWorks

Changing the Configuration p Configuration statements can be entered interactively n changes are made (almost) immediately, to the running configuration p Can use direct serial connection to console port, or p Telnet/SSH to vty s ( virtual terminals ), or p Modem connection to aux port, or p Edited in a text file and uploaded to the router at a later time via tftp/ftp/scp n copy tftp start

Logging into the Router p Connect router to console port or telnet to router router> router>enable password router# router#? p Configuring the router n Terminal (entering the commands directly) router# configure terminal router(config)#

Connecting your FreeBSD Machine to the Router s Console Port p Connect your PC to the console port using the serial cable provided p Go to /etc/remote to see the device configured to be used with "tip. you will see at the end, a line begin with com1 bash$ tip com1 <enter> router> router>enable router#

Address Assignments G 196.200.220.128/28 SWITCH.7.8 H 196.200.220.144/28 F 196.200.220.112/28.6.9 I 196.200.220.160/28 E D C 196.200.220.96/28 196.200.220.80/28 196.200.220.64/28.5.4.3 196.200.220.0/27.10.11.12 J 196.200.220.176/28 K 196.200.220.192/28 L 196.200.220.208/28 B 196.200.220.48/28.2.13 M 196.200.220.224/28 A 196.200.220.32/28.1.14 N 196.200.220.240/28

Configuring your Router (1) p Load configuration parameters into RAM n Router#configure terminal p Personalise router identification n Router#(config)hostname RouterA p Assign console & vty passwords n RouterA#(config)line console 0 n RouterA#(config-line)password afnog n RouterA#(config)line vty 0 4 n RouterA#(config-line)password afnog Spaces count, so don t add them at the end!!

Configuring your Router (2) p Set the enable (secret) password: n router(config)# enable secret afnog p This MD5 encrypts the password n The old method was to use the enable password command. But this is not secure (weak encryption) and is ABSOLUTELY NOT RECOMMENDED. DO NOT USE! p Ensure that all passwords stored on router are (weakly) encrypted rather than clear text: n router(config)# service password-encryption

Configuring your Router (3) p Configure interfaces n RouterA#(config)interface fastethernet 0/0 n RouterA#(config-if)ip address n.n.n.n m.m.m.m n RouterA#(config-if)no shutdown p Configure routing/routed protocols n RouterA#(config)router bgp 100 n RouterA#(config-router) p Save configuration parameters to NVRAM n RouterA#copy running-config startup-config n (or write memory)

Configuring your Router (4) p IP Specific Configuration n no ip source-route disable source routing n ip domain-name domain-name n ip nameserver n.n.n.n set name server p Static Route Creation ip route n.n.n.n m.m.m.m g.g.g.g n.n.n.n = network block m.m.m.m = network mask denoting block size g.g.g.g = next hop gateway destination packets are sent to

Router Prompts How to tell where you are on the router p You can tell in which area of the router s configuration you are by looking at the router prompts - some examples: Router> USER prompt mode Router# PRIVILEGED EXEC prompt mode Router(config) terminal configuration prompt Router(config-if) interface configuration prompt Router(config-subif) sub-interface configuration prompt rommon 1> ROM Monitor mode

The NO Command p Used to reverse or disable commands e.g ip domain-lookup no ip domain-lookup router ospf 1 no router ospf 1 ip address 1.1.1.1 255.255.255.0 no ip address

Interface Configuration p Interfaces are named by slot/type; e.g.: n ethernet0, ethernet5/1, serial0/0/0, serial2 p And can be abbreviated: n ethernet0 or eth0 or e0 n Serial0/0 or ser0/0 or s0/0 p Interfaces are shutdown by default n router(config-if)#no shutdown wake up interface p Description n router(config-if)#description Link to Admin Building router

Global Configuration Commands p Cisco global config should always include: ip classless ip subnet-zero n (These are default as from IOS 12.2 release) p Cisco interface config should usually include: no shutdown no ip proxy-arp no ip redirects no ip directed-broadcast p Industry recommendations are at http:// www.cymru.com/documents

Looking at the Configuration p Use show running-configuration to see the current configuration p Use show startup-configuration to see the configuration in NVRAM, that will be loaded the next time the router is rebooted or reloaded n (or show conf)

Storing the Configuration on a Remote System p Requires: tftpd on a unix host; destination file must exist before the file is written and must be world writable... rtra#copy run tftp Remote host []? n.n.n.n Name of configuration file to write [rtra-confg]? Write file rtra-confg on Host n.n.n.n? [confirm] Building configuration... Writing rtra-confg!![ok] router#

Restoring the Configuration from a Remote System p Use tftp to pull file from UNIX host, copying to runningconfig (added to existing running configuration) or startupconfig (stored in configuration NVRAM and used on next reboot) rtra#copy tftp start Address of remote host [255.255.255.255]? n.n.n.n Name of configuration file [rtra-confg]? Configure using rtra-confg from n.n.n.n? [confirm] Loading rtra-confg from n.n.n.n (via Ethernet0/0):! [OK - 1005/128975 bytes] rtra# reload

Getting Command Help p IOS has a command help facility; n use? to get a list of possible configuration options p? after the prompt lists all possible commands: router#? p <command>? lists all possible subcommands router#show? router#show ip? p <partial command>? lists all possible command completions: router#con? configure connect

Getting Lazy Command Help p TAB character will complete a partial word hostel-rtr(config)#int<tab> hostel-rtr(config)#interface et<tab> hostel-rtr(config)#interface ethernet 0 hostel-rtr(config-if)#ip add<tab> hostel-rtr(config-if)#ip address n.n.n.n m.m.m.m p Not really necessary to complete command keywords; partial commands can be used: router#conf t router(config)#int e0/0 router(config-if)#ip addr n.n.n.n

Editing p Command history n IOS maintains a list of previously typed commands n up-arrow or ^p recalls previous command n down-arrow or ^n recalls next command p Line editing n left-arrow, right-arrow moves cursor inside command n ^d or backspace will delete character in front of cursor n Ctrl-a takes you to start of line n Ctrl-e takes you to end of line n Ctrl-u deletes an entire line Many other unix-like tricks

Connecting your FreeBSD machine to the Router s Console port p Look at your running configuration p Configure an IP address for fastethernet0/1 depending on your table n use n.n.n.n for table A etc p Look at your running configuration and your startup configuration p Check what difference there is, if any

Deleting your Router s Configuration p To delete your router s configuration Router#erase startup-config OR Router#write erase Router#reload n Router will start up again, but in setup mode, since startup-config file does not exists

Password Recovery Working around a forgotten or lost password

Disaster Recovery ROM Monitor p ROM Monitor is very helpful in recovering from emergency failures such as: n Password recovery n Upload new IOS into router with NO IOS installed n Selecting a boot source and default boot filename n Set console terminal baud rate to upload new IOS quicker n Load operating software from ROM n Enable booting from a TFTP server

Getting to the ROM Monitor p Windows using HyperTerminal for the console session n Ctrl-Break p FreeBSD/UNIX using Tip for the console session n <Enter>, then ~# OR n Ctrl-], then Break or Ctrl-C p Linux using Minicom for the console session n Ctrl-A F p MacOS using Zterm for the console session n Apple B

Disaster Recovery: How to Recover a Lost Password p Connect your PC s serial port to the router s console port p Configure your PC s serial port: n n n n n 9600 baud rate No parity 8 data bits 1 stop bit No flow control

Disaster Recovery: How to Recover a Lost Password p Your configuration register should be 0x2102; use show version command to check p Reboot the router and apply the Breaksequence within 60 seconds of powering the router, to put it into ROMMON mode Rommon 1>confreg 0x2142 Rommon 2>reset n Router reboots, bypassing startup-config file

Disaster Recovery: How to Recover a Lost Password Type Ctrl-C to exit Setup mode Router>enable Router#copy start run (only!!!) Router#show running Router#conf t Router(config)enable secret forgotten Router(config)int e0/0 Router(config-if)no shut Router(config)config-register 0x2102 Router(config)Ctrl-Z or end Router#copy run start Router#reload

Basic IPv6 Configuration

IPv6 Configuration p IPv6 is not enabled by default in IOS p Enabling IPv6: Router(config)# ipv6 unicast-routing p Disable Source Routing Router(config)# no ipv6 source route p Activating IPv6 CEF Router(config)# ipv6 cef

IPv6 Configuration - Interfaces p Configuring a global or unique local IPv6 address: n Router(config-if)# ipv6 address X:X..X:X/prefix p Configuring an EUI-64 based IPv6 address (not such a good idea on a router): n Router(config-if)# ipv6 address X:X::/prefix eui-64

IPv6 Configuration p Note that by configuring any IPv6 address on an interface, you will see a global or unique-local IPv6 address and a link-local IPv6 address on the interface n Link-local IPv6 address format is FE80::interface-id p The local-link IPv6 address is constructed automatically by concatenating FE80 with Interface ID as soon as IPv6 is enabled on the interface: n Router(config-if)# ipv6 enable

IOS IPv6 Interface Status Link Local br01#sh ipv6 interface fast 0/1.220 FastEthernet0/1.220 is up, line protocol is up IPv6 is enabled, link-local address is FE80::225:45FF:FE6A:5B39 No global unicast address is configured Joined group address(es): FF02::1 FF02::2 FF02::1:FF6A:5B39 MTU is 1500 bytes ICMP error messages limited to one every 100 milliseconds ICMP redirects are enabled

IOS IPv6 Interface Status br01#sh ipv6 interface fast 0/1.223 FastEthernet0/1.223 is up, line protocol is up IPv6 is enabled, link-local address is FE80::225:45FF:FE6A:5B39 Description: backbone Global unicast address(es): 2001:4348:0:223:196:200:223:254, subnet is 2001:4348:0:223::/64 Joined group address(es): FF02::1 FF02::2 FF02::1:FF23:254 FF02::1:FF6A:5B39 MTU is 1500 bytes ICMP error messages limited to one every 100 milliseconds ICMP redirects are enabled

IPv6 Configuration Miscellaneous p Disable IPv6 redirects on interfaces interface fastethernet 0/0 no ipv6 redirects p Nameserver, syslog etc can be IPv6 accessible ip nameserver 2001:db8:2:1::2 ip nameserver 10.1.40.40

Static Routing IOS p Syntax is: ipv6 route ipv6-prefix/prefix-length {ipv6- address interface-type interface-number} [admin-distance] p Static Route ipv6 route 2001:db8::/64 2001:db8:0:CC00::1 n Routes packets for network 2001:db8::/64 to a networking device at 2001:db8:0:CC00::1

Cisco Router Configuration Basics Questions?

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information