Hi all,
This section is gonna help out with CCNA and Cisco router/switch configurations.
I am going to outline the basics – however – there is always a scenario that you need help on that is never covered. So, if you drop me a line I will personally create a howto to meet your needs.
Here are the basics for setting up a Cisco router:
Thanks to Neuromancer & Data Plumber for pointing out the initial commands and helping me with this blog. So, to prepare for entering configuration commands. The initial input is as follows:
Router>enable
Router#configure terminal
Router(config)#
You are now ready to start entering global configuration commands to edit your system.
The following are probably the most common but those that provide the basis to configuring a working router.
Enable password-encryption (to ensure passwords are stored in a way that is unreadable to any chancer that might catch a glimpse at your sh run command):
Router(config)#service password-encryption
Enable secret – adding higher encryption authorization to users access to the global configuration mode.
Router(config)#enable secret password
Enable login to the privileged using password authentication:
Router(config)#enable password password
Enable console password authentication:
Router(config)#line console 0
Router(config-line)#password password
Router(config-line)#login
Router(config-line)#exit
Enable virtual terminal password authentication (for the five available logins):
Router(config)#line vty 0 4
Router(config-line)#password password
Router(config-line)#login
Router(config-line)#exit
Set the hostname of your Router:
Router(config)#hostname Cisco1
Cisco1(config)#
Ensure you are making the most of your network IP addresses by enabling subnet zero:
Cisco1(config)#ip subnet-zero
Set the text display banner when greeted by the router:
Cisco1(config)#banner motd # Authorised access only #
If, like me, your router is too small to hold a newer ISO image. You can do one of two things – a) like I now have, buy memory upgrades from ebay or b) store your newly purchased IOS image on a tftp server and load it at boot time.
Cisco1(config)#boot system tftp 2500-io-l.122-5.bin 192.168.0.100
Breaking the last down then, the first part, boot system tftp, tells the router to look for the IOS on a network server.
It then says that we are retrieving an image from a remote tftp server (in this case the file 2500-io-l.122-5.bin).
The final part usthe IP address of the server supplying the file via its TFTP service.
So now you have your system quite nice and customised to your liking – now we don’t want to lose our hard work so – you better save it!
Cisco1(config)#end //or you can hit the key combo CTRL and Z
Cisco#copy running-config startup-config
Hmm, I wonder which version of software I am running and how much memory I have.
Cisco1#show version
Cisco1#show flash
Configuring the RIP routing protocol, so that a router can act as an intermediary between two networks. In this example we are traversing networks 192.168.0.0 and 172.16.0.0.
Cisco1#conf t
Cisco1(config)#router rip
Cisco1(config-router)#network 192.168.0.0
Cisco1(config-router)#network 172.16.0.0
Cisco1(config-router)#end
Cisco1#copy run start
or the proprietary CISCO hybrid routing protocol EIGRP…..
Configuring the EIGRP protocol, so that a router can act a more efficient layer three device between network. In this example we have a defined autonomous system number of 67 (random number between 1 and 65535).
You may want to setup a DHCP server, providing your hosts with unique IP addresses, a default gateway, a local ‘next-server’ and a DNS server, therefore:
Cisco1(config)#ip dhcp pool LAN
Cisco1(dhcp-config)#network 192.168.0.0 255.255.255.0
Cisco1(dhcp-config)#default-router 192.168.0.1
Cisco1(dhcp-config)#dns-server 206.67.222.222
Cisco1(dhcp-config)#end
Cisco1#copy run start
The last part being the all important ’save’ command, so as to ensure our efforts are not lost.
So what if you have a web-server on your network that needs a static IP address. Well we simply exclude the IP address of the web-server from the DHCP scope.
Cisco1#conf t
Cisco1(config)#ip dhcp excluded-address 192.168.0.253
Cisco1(config)#end
Cisco1#copy run start
This leads nicely on to network address translation (NAT) and specifically port-address translation (PAT). In this instance, web traffic traffic – directly will be translated from it arriving at our publically registered IP to the web-server on our private network.
In essence, NAT provides and administrator with a number of useful features, such as:
- the ability to use a single public IP address to provide access to thousands of privately networked users
- a solution to the ever decreasing number of uniquely assigned public IPv4 addresses
- a layer of security by masking the original source host address from the outside world
