I will give you a short introduction to the Cisco Internetwork Operating System, also known as the IOS. This is the operating system that controls Cisco routers and switches and provides the interface to configure Cisco devices as well.
We will take a look at the various router command modes, set router passwords and banners, configure router hostnames and interface descriptions, and much more.
For details on how to connect to a Cisco router or switch, see my article on How to Back Up and Restore Configuration on Cisco Devices. This article will show you with the basic commands for smoother and more linear induction into more specialized stuff.
Overview
of Router Modes
Once you login into a router you
instantly enter the so-called user mode- the prompt [Router name]
> appears. From this mode you can only see some statistic information.
To view and change the
configuration of the router you have to enter into the privileged mode by
entering the enable command. Here are the steps:
RouterA>
RouterA>enable
RouterA#
To be able to make global changes
to the configuration of the router you have to enter the global
configuration mode. Once you achieve that, you are able to access any
possible subsequent configuration mode and make global changes:
RouterA#configure terminal or config
t for short
RouterA(config)#
Now you have the control of your
device. If you need to modify your router's configuration then you enter the
appropriate configuration mode. For example, if you want to make a change to
your Fastethernet interface 0/0 then you have to enter interface
configuration mode and make your modifications from there. Here are
the steps:
RouterA(config)# interface fastethernet 0/0
RouterA(config-if)#
Prompt RouterA(config-if)#
indicates you are in interface configuration mode. At any time, and any mode
you are in, you can insert a question mark ? and the router
will automatically show all the possible commands or option parameters you can
apply at that specific time.
RouterA(config-if)# ?
Interface configuration commands:
access-expression
Build a bridge boolean access expression
arp Set arp type (arpa, probe,
snap) or timeout
backup Modify backup parameters
ip Interface Internet Protocol
config commands .
.
.
.
Below there is a list of the most
important configuration modes along with the commands used to enter these
modes:
Name
Your Router and Adjust its Clock
To apply an identity to your
router, use the hostname command. To adjust the clock on the router use the
clock set command. Always use the ? to help you correctly
finish the command:
Setting
Banners
It's a good idea to configure
security notices to be displayed every time someone accesses your router. These
notices are considered to be valid legal notices. The most useful banner is the
so-called Message Of The Day (MOTD) banner.
This banner is displayed to every
user connecting to the router either via telnet, console port or auxiliary
port. This is how you can set it on your router:
RouterA(config)# banner motd ?
Line c
banner-text c, where c is a delimiting character
RouterA(config)# banner
motd # ***AUTHORIZED USERS ONLY***#
Setting
Passwords
The first thing you need to set
on your router, before you even modify its configuration, is the secret
password which is used to secure privileged mode access to the router. This
password uses strong encryption algorithms making it impossible to break.
It should really be your number
one priority to make sure you have set this password on your router. Use the enable
secret commands to apply it to your router:
RouterA(config)# enable secret TEST
For added security you can apply
user mode passwords. When users access the router either remotely via telnet or
via the console terminal then this kind of passwords prompts the users for
authentication.
To set this password for users
accessing the router remotely via telnet, use the line vty [first line
number] [last line number] command. By default, Cisco IOS enables 5
virtual terminal lines - lines 0 through 4. The necessary steps to configure
this are the following:
RouterA(config)# line vty 0 4
RouterA(config-line)#login
RouterA(config-line)#password
TESTING
To set user mode password for the
console line, perform the following:
RouterA(config)# line console 0
RouterA(config-line)#login
RouterA(config-line)#password
TESTING
A couple of important commands
you can use at the line configuration mode are the exec-timeout
[minutes][seconds] and logging synchronous commands.
The first one sets the timeout
for the specific line and the second one stops annoying pop-up messages from
disrupting whatever you are trying to type. Here is an example of how to apply
these commands:
RouterA(config)# line console 0
RouterA(config-line)#exec-timeout
10 0
RouterA(config-line)#logging
synchronous
Managing
Router Interfaces
At the interface configuration
mode, you can apply an IP address and subnet mask to an interface using the ip
address command. You can also shutdown or activate an interface by
using the shutdown or no shutdown commands
respectively. These two commands are very basic and you will definitely use
them all the time. Here is an example:
RouterA(config)# interface fastethernet 0/0
RouterA(config-if)#ip
address 192.168.10.1 255.255.255.0
RouterA(config-if)#no
shutdown
It is a good idea to apply
descriptions to your connected interfaces as well. This will be very helpful,
especially when you're troubleshooting things. Simply use the description command,
like this:
RouterA(config)# interface fastethernet 0/0
RouterA(config)# description
CONNECTION TO CENTRAL SWITCH
Displaying
and Verifying Things
There is one privileged mode
command that you will find yourself using extensively. I am talking about the show command
which has a broad usage, including:
- Viewing
routers configuration
- Verifying
interfaces configuration
- Viewing
interfaces status
Here are a few important show
commands you will find helpful to use:
- RouterA#
show running configuration
- RouterA#
show clock
- RouterA#
show interfaces
- RouterA#
show ip interfaces brief
- RouterA#
show interfaces description
Go
Ahead and Ride Your Router
Now that you have learned the
basic commands for configuring your routers and switches go ahead and give it a
try! Try to apply the knowledge you gained from this article into practice, and
remember that it is vitally important to set your enable secret first.
Security is something you don't
have the privilege to underestimate. Also note that you should save your
router's configuration file at regular intervals to both your router's NVRAM
and external server.
0 comments:
Post a Comment