Powered by Blogger.

Basic Router Config




Cisco allows you to configure the router to support various protocols and interfaces. The router stores the configuration in the configuration file. The router searches for the configuration file in the NVRAM at the time of boot. If the configuration file is not present in the NVRAM, the router IOS runs the System Configuration dialog that prompts the user to enter basic configuration details for the router. These configuration details can be divided into global configuration settings and interface configuration settings.

Global Configuration

Global configuration of a router allows you to configure a router. When the router boots up, the interface summary is displayed. The router prompts the user to enter the basic management setup settings that comprise the global configuration of the router. The user can modify passwords, enable encrypted passwords and configure the terminal for different protocols.

To enter global configuration during boot:

1.    Boot the router after installation. The CLI or the Command Line Interface appears.

2.    Type enable or en to switch the privileged mode. The # command prompt appears.

3.    Type setup to run the system Configuration dialog. The output of the command appears and the router prompts you to confirm if you want to continue with the system configuration

4.    Type y

5.    Press enter. The router prompts you to select if you want to view the interface summary
6.    Type yes
7.    Press enter. The system prompts you to confirm if you want to enter the basic management setup.

8.    Type n

9.    Press enter. The router enters global configuration and prompts you to configure the router hostname, the passwords and different protocols such as SNMP, IP, DecNet, Apple Talk, IGRP and Rip.

10.  Enter appropriate options for the different protocols.

Router Administrative Functions

The administrative functions such as assigning hostnames, banners, setting password and interface descriptions allow you to configure a router in the network. These functions allow easy troubleshooting of routers.

Assigning Hostnames

The hostname command allows you to change the router hostname. The default hostname assigned during router installation is Router. The hostname command operates at the configuration mode in the CLI of the router. The syntax of the command is:

Hostname name

Where name specifies the name of the router

To change the router hostname

1.    Open the router CLI

2.    Type enable or en to switch to the privileged mode.

3.    Type config to switch to the configuration mode. The config#. Command prompt appears.

4.    Type hostname Router1 to configure a hostname for the router where, Router1 is the name of the router.

5.    Press Enter. The router name changes to Router1.

Banners        


A banner is a message displayed to all the users when they access the router through telnet, console and auxiliary ports. The banner can be used to display information about the router itself or any kind of security message. Cisco routers allow you to enter the banner message using the banner command. You can include a banner message to prohibit unauthorized users from accessing the network. The command requires a delimiter character that appears at the end of the banner text to indicate that the banner is finished. For example, if you specify # character, it indicates that, the banner ends with #. Four types of banners available for the Cisco routers are as follows:

Ø  Message of the day banner – It is the most commonly used banner. This banner is displayed to all the users accessing the router through console, Telnet or auxiliary ports. The syntax for the banner command is: banner motd [ delimiter] where, delimiter refers to a delimiting character such as, a comma, full stop, characters or numeric values

Ø  Exec process creation banner – It is displayed when you create an EXEC process. The EXEC process can be a line activation or incoming connection to the VTY (virtual terminal) line. You can activate this banner by starting user mode from the console port.
Ø  Incoming terminal line banner – it is displayed on the terminals that use reverse Telnet. A user intimates a Telnet session to share resources with the remote computer. However, in the reverse Telnet the session is initiated by the host computer for its user.

Ø  Login banner – it is configured to display on all terminals connected to the router. You can view this banner after the MOTD banner and before the login prompts. To disable this banner, use the no banner login command.

A router does not have a login banner by default. You can set a login banner for the router that is displayed every time a user logs in. the banner motd command allows you to set a banner for the router.

To set a login banner:

1.    Open the CLI.

2.    Switch to the configuration mode.

3.    Type banner motd. to set a login banner with the full stop as the delimiter.

4.    Type the banner text with the delimiter.

5.    Press enter the banner is visible next time the user logs in and appears.

Setting passwords


The router has three types of ports, console, telnet and auxiliary. You can configure passwords for each port. These passwords work for the user exec mode. You can also configure passwords for the privileged mode using the enable password and enable secret commands.

Console Passwords

Console passwords allow you to access the router console. To set the password you must switch to the console port using the line console command. If you enter this command from the auxiliary line configuration, you receive an error message. In this case, switch to the configuration mode and set the password.

To set console passwords:

1.     Open the CLI.

2.    Switch to the configuration mode.

3.    Type line console 0 to switch to the console port.

4.    Press enter.  The command prompt appears.

5.    Type password  myrouterpass to set a password for the console, where, myroutepass represents the console password for the router.

6.    Press enter.

7.    Type exit to quit from the console.

Telnet passwords:

Telnet passwords provide access to the telnet services. To set the telnet password you must switch to the telnet using line vty command. The command requires to specify the number of VTY lines in the network. If the router run the Enterprise Edition of Cisco IOS have more than five VTY lines.

To configure telnet passwords:

1.    Open the CLI

2.    Switch to the configuration mode

3.    Type line vty 0 4 to switch to telnet

4.    Press enter. The # command prompt appears.

5.    Type login to log on to the telnet.

6.    Press enter

7.    Type password mypass to set a password for the console, where, mypass represents the telnet password for the router

8.    Press enter

9.    Type exit to quit from telnet.

Auxiliary passwords


Auxiliary passwords are required for accessing interfaces connected to the auxiliary port. You cannot set this password for routers that do not have auxiliary port. To set the auxiliary password, you must switch to the auxiliary port using the line aux 0 command.

To configure auxiliary passwords:

1.    Open the CLI
2.    Switch to the configuring mode
3.    Type line aux 0 to switch to the auxiliary port.
4.    Press enter. The command prompt appears.
5.    Type password myauxpass to set a password for the auxiliary port, where, myauxpass represents the auxiliary password for the router.
6.    Press enter
7.    Type exit to exit from the console.

Encrypting Password


If you set a password using enable password command or enable secret command, you must enter the respective password to login to the privileged mode. However, if you configure both the commands, you must enter the secret password to use the privileged mode. The command for setting password for is:

Where,

§  password : Specifies the password for the router
§  pwd : Refers to the actual password

to set a password for the router:

1.    open the CLI
2.    switch to the configuration mode
3.    type enable password mypass to set a password for the privileged exec mode, where, mypass refers to the password.

You can encrypt the password while setting the password for the router or set an encrypted password for privileged mode using enable secret command. The enable secret password is encrypted by default in the Cisco routers. You can encrypt other passwords manually using the service password encryption. The syntax for setting an encrypted password is:

enable secret

An encrypted password can be set using the same procedure as the normal password. The Cisco routers allow you to encrypt Telnet password using the service password-encryption command.

To encrypt the Telnet password:

1.    open the CLI
2.    switch to the configuration mode
3.    type vty 0 4 to configure telnet access
4.    type login to enable Telnet login
5.    type password mypass to set the password, where, mypass refers to telnet password.
6.    Type exit to switch to the configuration mode
7.    Type service password-encryption to encrypt the password.


more on ConfiguringIP address on an Interface


Subscribe to: Posts (Atom)

  © Blogger template Werd by Ourblogtemplates.com 2009

Back to TOP