Configuring a Router

Configuring Router Name A router should be given a unique name as one of the first configuration tasks. This task is accomplished in global configuration mode using the following commands: Router(config)#hostname Tokyo Tokyo(config)# As soon as the Enter key is pressed, the prompt changes from the default host name (Router) to the newly configured host name, which is Tokyo in the example. Configuring Router Passwords Passwords restrict access to routers. Passwords should always be configured for virtual terminal lines and the console line. Passwords are also used to control access to privileged EXEC mode so that only authorized users may make changes to the configuration file. The following commands are used to set an optional but recommended password on the console line: Router(config)#line console 0 Router(config-line)#password <password> Router(config-line)#login A password must be set on one or more of the virtual terminal (VTY) lines for users to gain remote access to the router using Telnet. Typically Cisco routers support five VTY lines numbered 0 through 4, although different hardware platforms support different numbers on VTY connections. The following commands are used to set the password on the VTY lines: Router(config)#line vty 0 4 Router(config-line)#password <password> Router(config-line)#login If an administrator telnets from one router to a directly connected router and the telnet connection opens, but the administrator is unable to log on, this is because the virtual terminal passwords are not defined in the running-configuration. The enable password and the enable secret are used to restrict access to the privileged EXEC mode. The enable password is only used if the enable secret has not been set. It is recommended that the enable secret always be set and used because it is encrypted while the enable password is not encrypted. These are the commands that are used to set the enable passwords: Router(config)#enable password <password> Router(config)#enable secret <password>

Sometimes it is undesirable for passwords to be shown in clear text in the output from the show running-config or show startup-config commands. This command is used to encrypt passwords in configuration output: Router(config)#service password-encryption The service password-encryption command applies a weak encryption to all unencrypted passwords. The enable secret <password> command uses a strong MD5 algorithm for encryption. Show Commands

show ip route Displays Routing Table of the router show interfaces Displays all the statistics for all the interfaces on the router. To view the statistics for a specific interface, enter the show interfaces command followed by the specific interface and port number show clock Shows the time set in the router show history Displays a history of commands that have been entered show flash Displays information about flash memory, configuration file and what IOS files are stored there show version Displays information about the configuration file in the router and the IOS that is running in RAM show ARP Displays the ARP table of the router show startup-configuration Displays the saved configuration located in NVRAM and display information about the IOS or configuration files stored in router memory show running-configuration Displays the configuration currently running in RAM

erase startup-config and reload deletes existing configuration on a router. Configuring a Serial Interface A serial interface can be configured from the console or through a virtual terminal line. To configure a serial interface follow these steps: 1. 2. 3. 4. 5. Enter global configuration mode Enter interface mode Specify the interface address and subnet mask Set clock rate if a DCE cable is connected. Skip this step if a DTE cable is connected. Turn on the interface by the command Router(config-if)#no shutdown

Each connected serial interface must have an IP address and subnet mask if the interface is expected to route IP packets. Configure the IP address using the following commands: Router(config)#interface serial 0/0 Router(config-if)#ip address <ip address> <netmask> Router(config)#clock rate 56000 Router(config-if)#no shutdown

Serial interfaces require a clock signal to control the timing of the communications. In most environments, a DCE device such as a CSU will provide the clock. By default, Cisco routers are DTE devices but they can be configured as DCE devices. By default, interfaces are turned off, or shutdown, meaning they have no IP address. To turn on or enable an interface, the command no shutdown is entered. If an interface needs to be administratively disabled for maintenance or troubleshooting the command shutdown is used to turn off the interface. The default state of interfaces on the router is administratively down, line protocol down. Configuring an Ethernet interface Each Ethernet interface must have an IP address and subnet mask if the interface is expected to route IP packets. Also, you should enter the no shut down command to enable the interface. To configure an Ethernet interface follow these steps: 1. 2. 3. 4. Enter global configuration mode Enter interface configuration mode Specify the interface address and subnet mask Enable the interface

By default, interfaces are turned off, or disabled. To turn on or enable an interface, the command no shutdown is entered. If an interface needs to be administratively disabled for maintenance or troubleshooting the command shutdown is used to turn off the interface. Interface Descriptions An interface description should be used to identify important information such as a distant router, a circuit number, or a specific network segment. A description of an interface can help a network user remember specific information about the interface, such as what network the interface services. The description is meant solely as a comment about the interface. Although the description appears in the configuration files that exist in router memory, a description does not affect the operation of the router. Descriptions are created by following a standard format that applies to each interface. The description may include the purpose and location of the interface, other devices or locations connected to the interface, and circuit identifiers. Descriptions allow support personnel to better understand the scope of problems related to an interface and allow for faster resolution of problems. Configuring Interface Descriptions To configure an interface description, enter global configuration mode. From global configuration mode, enter interface configuration mode. Use the command description followed by the information.

Procedure steps: 1. Enter global configuration mode by entering the command configure terminal. 2. Enter specific interface mode (for example interface Ethernet 0) interface ethernet 0. 3. Enter the command description followed by the information that is to be displayed. For example, XYZ Network, Building 18. 4. Exit interface mode back to privileged EXEC mode by using the command ctrl-Z. 5. Save the configuration changes to NVRAM by using the command copy running-config startup-config. Here is an example of interface descriptions: Router# configure terminal Router(config)# interface fa0 Router(config-if)# description Engineering LAN Login Banners A login banner is a message that is displayed at login and is useful for conveying messages that affect all network users, such as notices of impending system shutdowns. It can be used to display dated information regarding system change. Login banners can be seen by anyone. Therefore, careful attention should be used in the wording of a banner message. Welcome is an invitation for anyone to enter a router and is probably not an appropriate message. A login banner should be a warning not to attempt login unless authorized. A message such as This is a secure system, authorized access only! instructs unwanted visitors that any further intrusion is unwanted and illegal. Configuring message of the Day (MOTD) A message-of-the-day (MOTD) banner can be displayed on all connected terminals. Follow these steps to create and display a message-of-the-day: 1. Enter global configuration mode by using the command configure terminal. 2. Enter the command banner motd # The message of the day goes here #. 3. Save changes by issuing the command copy running-config startup-config. Host Name Resolution Host name resolution is the process that a computer system uses to associate a host name with an IP address. In order to use host names to communicate with other IP devices, network devices such as routers must be able to associate the host names with IP addresses. A list of host names and their associated IP addresses is called a host table.

A host table might include all devices in a network organization. Each unique IP address can have a host name associated with it. The Cisco IOS software maintains a cache of host nameto-address mappings for use by EXEC commands. This cache speeds up the process of converting names to addresses. Host names, unlike DNS names, are significant only on the router on which they are configured. The host table will allow the network administrator to type either the host name such as Auckland or the IP address to Telnet to a remote host Example: Router(config)# ip host Auckland 172.16.32.1 Configuring Host Tables To assign host names to addresses, first enter global configuration mode. Issue the command ip host followed by the name of the destination and all IP addresses where the device can be reached. This maps the host name to each of its interface IP addresses. To reach the host, use a telnet or ping command with the name of the router or an IP address that is associated with the router name. The procedure to configure the host table: 1. Enter global configuration mode in the router. 2. Enter the command ip host followed by the name of the router and all IP addresses associated with the interfaces on each router. 3. Continue entering until all routers in the network are entered. 4. Save the configuration to NVRAM. If telnet session can be established when using the IP address of a router but not the name of the router, the problem is on incorrect host table entry. Configuration Backup and Documentation Configuration files should be stored as backup files in the event of a problem. Configuration files can be stored on a network server, on a TFTP server, or on a disk stored in a safe place. Copying, editing and pasting configuration A current copy of the configuration can be stored on a TFTP server. The copy running-config tftp command, can be used to store the current configuration on a network TFTP server. To do so, complete the following tasks: Step 1 Step 2 Step 3 Enter the copy running-config tftp command in privileged mode. Enter the IP address of the host where the configuration file will be stored. Enter the name to assign to the configuration file.

Step 4

Confirm the choices by answering yes each time.

Configure Dynamic Routing Protocol and Table Router(config)#router rip Router(config-router)#network 192.168.14.0 Router(config-router)#network 192.168.15.0 Router(config-router)#exit

Configure Static Route and Default Static Route Router(config)#ip route 192.168.14.0 255.255.255.0 Serial 0/0 or Router(config)#ip route 192.168.14.0 255.255.255.0 192.168.15.1 Router(config)#ip route 0.0.0.0 0.0.0.0 Serial 0/0 or Router(config)#ip route 0.0.0.0 0.0.0.0 192.168.15.1 Additional commands:

no ip domain-lookup logging synchronous

no ip classless

Disables DNS lookup entered in global configuration mode Command use to avoid unsolicited messages from interfering with the commands being entered. Done in line configuration mode Disable classless IP routing entered in global configuration mode