Univerziteti pr Biznes dhe Teknologji Fakultetit i Shkencave Kompjuterike dhe Inxhinieris

Lnda: Lab kursi mbi bazat teknike te informatikes Fletore e Ushtrimeve Laboratorike
Verzioni 1.1

Prof. Selman Haxhijaha Viti Akademik 2011/2012

Ushtrim Laboratorik: Menaxhimi i Ruterit

Objektivat Ne kete ushtrim laboratorike studenti do te kompletoje Hapit ne vazhdim: 1. Ta identifikon Ruterin duke e konfiguruar emrin e ruterit 2. Te konfiguroj llogarin e perdoruesit, nivelin e privilegjeve dhe fjalekalimin 3. Te konfiguroj qasje dhe authentifikimi ne ruter nepermjet konzoles 4. Te konfiguroj qasje dhe authentifikimi nga distanca ne Ruter nepermjet protokollit Telnet 5. Te konfigurohet ip addressa dhe te aktivizohet interfejsi fastethernet0/0 ne Ruter 6. Te konfigurohet ip adresa dhe default gateway ne Server 7. Te testohet qasja me Telenet nga Serveri 8. Te enkriptohen te gjitha fjalekalimet e konfiguruara ne Ruter 9. Te kontrollohet fajlli konfigurues i krijuar dhe te ruhet fajlli konfigurues ne memorien flash te ruterit 10. Ruajtja e fajllit konfigurues ne TFTP Server 11. Risetimi i fjalekalimit ne Ruter 12. Metodat e backup-it te Sistemit Operativ te Ruterit ne Server 13. Upgrade i Sistemit Operativ te Ruterit 14. Instalimi i Sistemit Operativ ne Ruter

Topologjia Topologjia qe do te perdoret ne kete ushtrim laboratorik perbehet nga nje Ruter i modelit 2811, nje Kompjuter dhe nje Server me TFTP Server te instaluar dhe te aktivizuar ashtu sic eshte paraqitur ne figure 1. Lidhja ne mes te Kompjuterit dhe Ruterit realizohet nepermjet kabllit te konzoles duke perdorur portin RS-232 ne Kompjuter dhe portin e konzoles ne Ruter. Lidhja ne mes te Serverit dhe Ruterit realizohet duke e perdorur kabllin Cross-Over (kablli i kryqezuar), ku porti Ethernet i Serverit lidhet me portin Fastethernet0/0 te Ruterit. Studenti me ndihmen e profesorit paraprakisht do ta beje lidhjen e paisjeve sikurse eshte specifkuar ne topologji.

Figura 1. Topologjia e ushtrimit laboratorik

Hapi e pare: Te konfigurohet emir i Ruteri

Router> enable Router# configure terminal Router(config)# hostname UBT-PR UBT-PR(config)#exit UBT-PR#

Hapi e dyte: Te krijohet llogaria e perdoruesit, ti caktohet niveli i administratorit te Ruterit dhe te definohet fjalekalimi.

UBT-PR# configure terminal UBT-PR(config)# username studenti privilege 15 password ubt123 UBT-PR(config)# exit UBT-PR#

Hapi e trete: Te konfigurohet qasja dhe authentifikimi ne Ruter nepermjet konzoles

UBT-PR# configure terminal UBT-PR(config)# line console 0 UBT-PR(config-line)#login local UBT-PR(config-line)#end UBT-PR#

Hapi e katert: Te konfigurohet qasja dhe authentifikimi nga distance ne Ruter nepermjet protokollit Telnet

UBT-PR# configure terminal UBT-PR(config)# line vty 0 4 UBT-PR(config-line)# login local UBT-PR(config-line)#end UBT-PR#

Hapi e peste: Te konfigurohet ip addressa dhe te aktivizohet interfejsi fastethernet0/0 ne Ruter (Shenim: ip adresa e konfigurar ne interfejse te Ruterit do te jete 192.168.0.254 me subenet maske 255.255.255.0)

UBT-PR# configure terminal UBT-PR(config)# interface fastethernet0/0 UBT-PR(config-if)# ip address 192.168.0.254 255.255.255.0 UBT-PR(config-if)# no shutdown UBT-PR(config-if)# end UBT-PR#

Hapi e gjashte: Te konfigurohet ip adresa dhe default gateway ne Server (Shenim: ip adresa e konfigurar ne interfejse te Serverit do te jete 192.168.0.1 me subenet maske 255.255.255.0)

Konfigurimi i default gateway ne Server

Konfigurimi i IP adreses ne Server

Hapi e shtate: Te testohet qasja nga distance me Telnet nga Serveri ne Ruter Fillimisht behet testimi i lidhjes ne mes te Serverit dhe Ruterit duke e perdorur komanden ping

Pasi e kemi testuar lidhjen ne mes te Serverit dhe Ruterit do ta perdorim komanden Telnet me ip adresen e interfejsit te Ruterit. Pas ekzekutimit te komandes Ruteri kerkon nga ne qe te vendosim username dhe password. Username: student Password: ubt123

Hapi e tete: Te enkriptohen te gjitha fjalekalimet e konfiguruara ne Ruter Nga kompjuteri nepermjet konzoles qasemi ne ruter duke ekzekutuar komandat ne vazhdim UBT-PR> enable UBT-PR# configure terminal UBT-PR(config)# service password-encryption UBT-PR(config)# end UBT-PR#

Hapi i nente: Te kontrollohet fajlli konfigurues i krijuar dhe te ruhet fajlli konfigurues ne memorien flash te ruterit

UBT-PR# show running-config (Nje shembull i rezultatit te komandes) ------------------------------------------------------------------------------------------------------------------

Building configuration... Current configuration : 687 bytes ! version 12.4 no service timestamps log datetime msec no service timestamps debug datetime msec service password-encryption ! hostname UBT-PR ! username studenti privilege 15 password 7 0830594C1D495C4F45 ! --More -------------------------------------------------------------------------------------------------------------------fund

Ruajtja e fajllit konfigurues ne memorien e perhershme te ruterit UBT-PR#copy running-config startup-config Destination filename [startup-config]? Building configuration... [OK] UBT-PR#

Hapi i dhjete: Ruajtja e fajllit konfigurues ne TFTP Server UBT-PR#copy running-config tftp Address or name of remote host []? 192.168.0.1 Destination filename [UBT-PR-confg]? Writing running-config...!! [OK - 687 bytes] 687 bytes copied in 0.063 secs (10000 bytes/sec) UBT-PR#

Hapi i njembedhjete: Risetimi i fjalekalimit ne Ruter Per te risetuar fjalekalimin per qasje ne Ruter duhet te ndejkim proceduren ne vazhdim. 1. 2. 3. 4. E fikim dhe e kycim Ruterin Menjehere pas startimit e shtypim kombinimin e butonave Ctrl+Break ose Ctrl+C Ruteri do te startoj me system operativ te kufizuar nga ROM-i E ndryshojme regjistrin konfigurues dhe e startojme ruterin ekzekutoni komandat si ne vazhdim

rommon 1 > confreg 0x2142 rommon 2 > boot

Kur te paraqitet mesazhi shenoni no --- System Configuration Dialog --Continue with configuration dialog? [yes/no]: No

Router> Kjo do te thot se ruteri ka startuar duke e anashkaluar fajllin konfigurues fjalekalimin e te cilit e kemi haruar. Ne vazhdim do te ekzekutojme komandat per te ndryshuar fjalekalimin pa e humbur fajllin konfigurues. (Verejtje: Ekzekutoni komandar sipas renditjes qe jane shenuar, cdo gabim ne ekzekutim te komandave mund te qoj ne humbjen e fajllit konfigurues). Router> enable Router#copy startup-config running-config Destination filename [running-config]? 687 bytes copied in 0.416 secs (1651 bytes/sec) %SYS-5-CONFIG_I: Configured from console by console UBT-PR# configure terminal UBT-PR(config)#username studenti privilege 15 password ubt123 UBT-PR(config)# config-register 0x2102 UBT-PR(config)# end UBT-PR#copy running-config startup-config Destination filename [startup-config]? Building configuration... [OK] UBT-PR#

Hapi i dymbedhjete: Metodat e backup-it te Sistemit Operativ nga Ruteri ne Server Pas procedures se password recovery apo risetimit te fjalekalimit, ne ruter te gjithe interfejset e ruterit administrativisht fiken. Fillimisht e aktivizoni interfejsin fastethernet 0/0 dhe pastaj vazhdoni me procesin e backup-it te Sistemit Operativ te Ruterit. UBT-PR# configure terminal UBT-PR(config)# interface fastethernet 0/0 UBT-PR(config-if)# no shutdown UBT-PR(config-if)#end Per ta mesuar emrin e fajllit te sistemit operativ e shenojme komanden show version UBT-PR# show version (Nje shembull i rezultatit pas ekzekutimit te komandes, rreshti i nenvizuar paraqet emrin e sistemit operativ) -----------------------------------------------------------------------------------------------------------------Cisco IOS Software, 2800 Software (C2800NM-IPBASEK9-M), Version 12.4(8), RELEASE SOFTWARE (fc1) Technical Support: http://www.cisco.com/techsupport
10

Copyright (c) 1986-2006 by Cisco Systems, Inc. Compiled Mon 15-May-06 14:54 by pt_team ROM: System Bootstrap, Version 12.1(3r)T2, RELEASE SOFTWARE (fc1) Copyright (c) 2000 by cisco Systems, Inc. System returned to ROM by power-on System image file is "flash: c2800nm-advipservicesk9-mz.124-15.T1.bin" --More----------------------------------------------------------------------------------------------------------------UBT-PR# copy flash tftp Source filename [ ]? c2800nm-advipservicesk9-mz.124-15.T1.bin Address or name of remote host [ ]? 192.168.0.1 Destination filename [c2800nm-advipservicesk9-mz.124-15.T1.bin]? Writing c2800nm-advipservicesk9-mz.12415.T1.bin....!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! [OK - 50938004 bytes] 50938004 bytes copied in 6.48 secs (7860000 bytes/sec) UBT-PR#

Hapi i trembedhjete: Upgrade i Sistemit Operativ te Ruterit Ne kete hap si detyre kemi te bejme upgrade te sistemit operativ ne Ruter. Per te verifikuar se a kemi hapsire te lire ne flash memorie te Ruterit e shenojme komanden show flash.

11

UBT-PR# show flash System flash directory: File Length Name/status 4 15522644 c2800nm-advipservicesk9-mz.124-15.T1.bin 2 28282 sigdef-category.xml 1 227537 sigdef-default.xml [15778463 bytes used, 48237921 available, 64016384 total] 63488K bytes of processor board System flash (Read/Write) Rezultati i paraqitur pas ekzekutimit te komandes na tregon se nuk kemi hapesire te mjaftueshme per te vendosur dy sisteme operative ne te njejten kohe. Per te liruar hapsiren ne flash memorie do ta ekzekutojme komanden delete flash.

UBT-PR# delete flash Delete filename [ ]?c2800nm-advipservicesk9-mz.124-15.T1.bin Delete flash:/c2800nm-ipbasek9-mz.124-8.bin? [confirm] Pasi e kemi liruar hapesiren ne flash memorie te Ruterit fillojme me upgrade te Sistemit Operative duke ekzekutuar komanden ne vazhdim UBT-PR#copy tftp flash Address or name of remote host []? 192.168.0.1 Source filename []? c2800nm-ipbasek9-mz.124-8.bin Destination filename [c2800nm-ipbasek9-mz.124-8.bin]? Accessing tftp://192.168.0.1/c2800nm-ipbasek9-mz.124-8.bin... Loading c2800nm-ipbasek9-mz.124-8.bin from 192.168.0.1: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! [OK - 15522644 bytes] 15522644 bytes copied in 9.329 secs (282746 bytes/sec) UBT-PR#

12

Hapi i katermbedhjete: Instalimi i Sistemit Operativ ne Ruter Ne rastin kur nuk kemi Sistem Operativ te instaluar ne Ruter ateher duhet te zbatojme proceduren ne vazhdim per instalim. Kur starton Ruteri pa Sistem Operativ ai do te startoj nga ROM me nje Sistem Operativ te kufizuar. Per te filluar procesin e instalimit perdorim komanden rommon 1 > tftpdnld Missing or illegal ip address for variable IP_ADDRESS Illegal IP address. usage: tftpdnld Use this command for disaster recovery only to recover an image via TFTP. Monitor variables are used to set up parameters for the transfer. (Syntax: "VARIABLE_NAME=value" and use "set" to show current variables.) "ctrl-c" or "break" stops the transfer before flash erase begins. The following variables are REQUIRED to be set for tftpdnld: IP_ADDRESS: The IP address for this unit IP_SUBNET_MASK: The subnet mask for this unit DEFAULT_GATEWAY: The default gateway for this unit TFTP_SERVER: The IP address of the server to fetch from TFTP_FILE: The filename to fetch The following variables are OPTIONAL: TFTP_VERBOSE: Print setting. 0=quiet, 1=progress(default), 2=verbose TFTP_RETRY_COUNT: Retry count for ARP and TFTP (default=7) TFTP_TIMEOUT: Overall timeout of operation in seconds (default=7200) TFTP_CHECKSUM: Perform checksum test on image, 0=no, 1=yes (default=1) FE_SPEED_MODE: 0=10/hdx, 1=10/fdx, 2=100/hdx, 3=100/fdx, 4=Auto(deflt rommon 2 > IP_ADDRESS=192.168.0.254 rommon 3 > IP_SUBNET_MASK=255.255.255.0 rommon 4 > DEFAULT_GATEWAY=192.168.0.254 rommon 5 > TFTP_SERVER=192.168.0.1 rommon 6 > TFTP_FILE=c2800nm-advipservicesk9-mz.124-15.T1.bin rommon 7 > set DEFAULT_GATEWAY=192.168.0.254 IP_ADDRESS=192.168.0.254 IP_SUBNET_MASK=255.255.255.0 PS1=rommon ! > TFTP_FILE=c2800nm-advipservicesk9-mz.124-15.T1.bin TFTP_SERVER=192.168.0.1

13

rommon 8 > tftpdnld IP_ADDRESS: 192.168.0.254 IP_SUBNET_MASK: 255.255.255.0 DEFAULT_GATEWAY: 192.168.0.254 TFTP_SERVER: 192.168.0.1 TFTP_FILE: c2800nm-advipservicesk9-mz.124-15.T1.bin Invoke this command for disaster recovery only. WARNING: all existing data in all partitions on flash will be lost! Do you wish to continue? y/n: [n]: y Pasi te keni shtypur konfirmimin yes ruteri vazhdon me kopjimin e sistemit operativ nga TFTP Serveri ne flash memorie ashtu siq eshte paraqitur me poshte. !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! --------program flash location 0x62fe0000 program flash location 0x62ff0000 program flash location 0x63000000 program flash location 0x63010000 program flash location 0x63020000 program flash location 0x63030000 program flash location 0x63040000 program flash location 0x63050000 program flash location 0x63060000 program flash location 0x63070000 program flash location 0x63080000 program flash location 0x63090000 ----------------------------------------------------------------------------------------------------------------

14

rommon 9 > boot System Bootstrap, Version 12.1(3r)T2, RELEASE SOFTWARE (fc1) Copyright (c) 2000 by cisco Systems, Inc. cisco 2811 (MPC860) processor (revision 0x200) with 60416K/5120K bytes of memory Self decompressing the image : ########################################################################## [OK] Continue with configuration dialog? [yes/no]: n

Press RETURN to get started!

Router> Instalimi i Sistemit Operative eshte kryer me sukses dhe Ruteri eshte i gatshem per perdorim ne rrjete.

15