Scribd Logo
Upload

Welcome to Scribd!

  • 4K views

    Step-by-Step Configuration of Cisco Routers: Step1: Configure Access Passwords

    Uploaded by

    LeworkDagne
    The document provides step-by-step instructions for configuring a Cisco router, including securing access with passwords, configuring the hostname and IP addresses, setting static routing, saving the configuration, and optionally configuring NAT and DHCP services. The six main configuration steps are to 1) secure access with passwords, 2) configure the hostname, 3) set IP addresses on interfaces, 4) configure static or dynamic routing, 5) save the configuration, and 6) optionally configure NAT and DHCP.

    Copyright:

    © All Rights Reserved
    Download as RTF, PDF, TXT or read online from Scribd
    Flag for inappropriate content

    You might also like

    Step-by-Step Configuration of Cisco Routers: Step1: Configure Access Passwords

    Uploaded by

    LeworkDagne
    4K views7 pages
    The document provides step-by-step instructions for configuring a Cisco router, including securing access with passwords, configuring the hostname and IP addresses, setting static routing, saving the configuration, and optionally configuring NAT and DHCP services. The six main configuration steps are to 1) secure access with passwords, 2) configure the hostname, 3) set IP addresses on interfaces, 4) configure static or dynamic routing, 5) save the configuration, and 6) optionally configure NAT and DHCP.

    Original Description:

    Original Title

    router configuration

    Copyright

    © © All Rights Reserved

    Available Formats

    RTF, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document provides step-by-step instructions for configuring a Cisco router, including securing access with passwords, configuring the hostname and IP addresses, setting static routing, saving the configuration, and optionally configuring NAT and DHCP services. The six main configuration steps are to 1) secure access with passwords, 2) configure the hostname, 3) set IP addresses on interfaces, 4) configure static or dynamic routing, 5) save the configuration, and 6) optionally configure NAT and DHCP.

    Copyright:

    © All Rights Reserved
    Download as RTF, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as rtf, pdf, or txt
    4K views7 pages

    Step-by-Step Configuration of Cisco Routers: Step1: Configure Access Passwords

    Uploaded by

    LeworkDagne
    The document provides step-by-step instructions for configuring a Cisco router, including securing access with passwords, configuring the hostname and IP addresses, setting static routing, saving the configuration, and optionally configuring NAT and DHCP services. The six main configuration steps are to 1) secure access with passwords, 2) configure the hostname, 3) set IP addresses on interfaces, 4) configure static or dynamic routing, 5) save the configuration, and 6) optionally configure NAT and DHCP.

    Copyright:

    © All Rights Reserved
    Download as RTF, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as rtf, pdf, or txt
    of 7

    Step-by-Step Configuration of Cisco Routers

    Step1: Configure Access Passwords


    The first step is to secure your access to the router by configuring a global secret password and
    also passwords for Telnet or Console as needed.
    Enter into Global Configuration mode from the Privileged EXEC mode:
    Router# configure terminal <– Privileged EXEC mode
    Router(config)# <– Global Configuration Mode
    In Global Configuration Mode you configure parameters that affect the whole router device.
    Here we will configure the Enable Secret password that you will be using from now own to
    enter into Privileged EXEC Mode from User EXEC Mode.
    Router(config)# enable secret “somestrongpassword”
    From now on, when you log in from user EXEC mode you will be asked for a password.
    It is suggested also to configure a password for the Telnet Lines (VTY lines) which will secure
    your access when connecting via Telnet over the network.
    Router(config)# line vty 0 4
    Router(config-line)# password “strongTelnetPass”
    Router(config-line)# login
    Some people prefer to create also local user accounts (usernames and passwords) on the router
    itself in order to authenticate to the device. Here I’m explaining how to configure this specific
    setup.

    Step2: Configure a Router Hostname


    To differentiate your Router from other devices in the network, you should configure a Hostname
    for your device.
    Router(config)# hostname My-Router
    My-Router(config)#
    https://www.mediavine.comhttps://www.mediavine.com
    Notice that your Router prompt changes to the new hostname that you have just set.

    Step3: Configure IP addresses for Router Interfaces


    This is an essential step in order for your router to be able to forward packets in the network. The
    most basic parameter for a Router Interface is the IP address. From Global Configuration Mode
    you need to enter into Interface Configuration Mode:
    My-Router(config)# interface GigabitEthernet 0/0
    My-Router(config-if)# ip address 100.100.100.1 255.255.255.252
    My-Router(config-if)# no shutdown
    My-Router(config-if)# exit
    My-Router(config)# interface GigabitEthernet 0/1
    My-Router(config-if)# ip address 192.168.10.1 255.255.255.0
    My-Router(config-if)# no shutdown
    My-Router(config-if)# exit

    Step4: Configure Routing (Static or Dynamic)


    The Router’s main purpose is to find the best route path towards a destination network and
    forward packets according to the best path.
    There are two main ways a router knows where to send packets. The administrator can assign
    static routes, or the router can learn routes by using a dynamic routing protocol.
    For simple network topologies, static routing is preferred over dynamic routing. Let’s see how to
    configure static routes from Global Configuration Mode.
    My-Router(config)# ip route [192.168.1.0] [255.255.255.0] [10.149.64.113]
    My-Router(config)# ip route 192.168.1.0 255.255.255.0 100.100.100.2
    The command above tells the router that network 200.200.200.0/24 is reachable via gateway
    address 100.100.100.2.
    Another popular static route that we usually configure on Internet Border routers is the default
    static route:
    My-Router(config)# ip route 0.0.0.0 0.0.0.0 100.100.100.2
    The default static route above instructs the router to send ALL packets that the router does not
    have a more specific route entry to gateway address 100.100.100.2 (which might be the ISP
    gateway address).

    Step5: Save your configuration


    Save your current running configuration into NVRAM. This will overwrite the startup
    configuration.
    My-Router(config)# exit
    My-Router# copy running-config startup-config
    https://www.mediavine.comhttps://www.mediavine.com
    You can display your current configuration to verify your settings as following:
    My-Router# show running-config

    Step 6 (optional): Configure NAT


    This step is optional and is required only if your router acts as Internet border gateway to provide
    access to the internal private LAN towards the Internet.
    Assume that interface GigabitEthernet 0/0 is the WAN interface (connected to ISP for Internet
    access) and interface GigabitEthernet 0/1 is the LAN interface connected to the internal
    network.
    My-Router# conf term
    My-Router(config)# interface GigabitEthernet 0/0
    My-Router(config-if)# ip nat outside
    My-Router(config-if)# exit
    My-Router(config)# interface GigabitEthernet 0/1
    My-Router(config-if)# ip nat inside
    My-Router(config-if)# exit
    The commands above tell the router that traffic entering GigEth 0/1 will be NAT translated.
    Also, traffic exiting GigEth 0/0 will also be NAT translated.
    Now we need to create an Access List which will identify which specific traffic will be translated
    using NAT. Assuming that the internal LAN network is 192.168.10.0/24 :
    My-Router(config)# access-list 1 permit 192.168.10.0 0.0.0.255
    My-Router(config)# ip nat inside source list 1 interface GigabitEthernet 0/0 overload
    The commands above will create a NAT overload (PAT) rule which tells the router to translate
    any address identified in Access List 1 to the address assigned to GigabitEthernet0/0. The
    overload keyword allows one public address to be shared among several private internal
    addresses.

    Step 7 (optional): Configure DHCP


    A Cisco router can be configured as a DHCP server to assign IP addresses dynamically to
    internal hosts. First we need to create a pool of IP addresses that will be used to assign to clients:
    ! Configure the DHCP pool to assign addresses to internal hosts
    ip dhcp pool lan-pool
    network 192.168.10.0 255.255.255.0
    default-router 192.168.10.1
    dns-server 8.8.8.8
    Then, exclude which IP addresses you don’t want to be assigned by the router:
    ^
    % Invalid input detected at '^' marker.

    R1# speed auto


    ^
    % Invalid input detected at '^' marker.

    R1# no mop enabled


    ^
    % Invalid input detected at '^' marker.

    R1#!
    R1#ip forward-protocol nd
    ^
    % Invalid input detected at '^' marker.

    R1#!
    R1#no ip http server
    ^
    % Invalid input detected at '^' marker.

    R1#no ip http secure-server


    ^
    % Invalid input detected at '^' marker.

    R1#!
    R1#!
    R1#!
    R1#!
    R1#snmp-server community yes RO
    ^
    % Invalid input detected at '^' marker.

    R1#!
    R1#control-plane
    Translating "control-plane"...domain server (255.255.255.255)

    % Bad IP address or host name


    Translating "control-plane"...domain server (255.255.255.255)
    (255.255.255.255)
    Translating "control-plane"...domain server (255.255.255.255)
    % Unknown command or computer name, or unable to find computer address
    R1#!
    R1#!
    R1# vstack
    Translating "vstack"...domain server (255.255.255.255)

    % Bad IP address or host name


    Translating "vstack"...domain server (255.255.255.255)
    (255.255.255.255)
    Translating "vstack"...domain server (255.255.255.255)

    % Unknown command or computer name, or unable to find computer address


    R1#!
    R1#line con 0
    ^
    % Invalid input detected at '^' marker.

    R1# password cisco


    ^
    % Invalid input detected at '^' marker.

    R1# login
    % No login server running.
    R1#line aux 0
    ^
    % Invalid input detected at '^' marker.
    R1#line 2

    You might also like