Sie sind auf Seite 1von 6

Basic Cisco Router Configuration Steps

This post is by no means an exhaustive tutorial about Cisco Routers and how to configure their numerous features. It is just a step-by-step guide for the most basic configuration needed to make the router operational. When you first power on a new Cisco Router, you have the option of using the “setup” utility which allows you to create a basic initial configuration. However, in this post I will show you how to do this basic setup with the Command Line Interface (CLI). Mastering the Cisco Router CLI is essential for more complex configuration tasks and it is the most important knowledge you should acquire if you want to become a Cisco network administrator.

The basic CLI modes that we will be referring below are as following:

Router> <– User EXEC Mode Router# <– Privileged EXEC mode Router(config)# <– Global Configuration Mode Router(config-if)# <– Interface Configuration Mode Router(config-line)# <– Line Configuration Mode

I assume that you already have some basic knowledge of CLI and how to navigate between different configuration modes (user mode, privileged exec mode etc), so let’s get started:

Step1: Configure Access Passwords

The first step is to secure your access to the router by configuring a global secret password and also passwords for Telnet or Console as needed.

Enter into Global Configuration mode from the Privileged EXEC mode:

Router# configure terminal <– Privileged EXEC mode Router(config)# <– Global Configuration Mode

In Global Configuration Mode you configure parameters that affect the whole router device. Here we will configure the Enable Secret password that you will be using from now own to enter into Privileged EXEC Mode from User EXEC Mode.

Router(config)# enable secret “somestrongpassword”

From now on, when you log in from user EXEC mode you will be asked for a password.

It is suggested also to configure a password for the Telnet Lines (VTY lines) which will secure your access when connecting via Telnet over the network.

Router(config)# line vty 0 4 Router(config-line)# password “strongTelnetPass” Router(config-line)# login

Step2: Configure a Router Hostname

To differentiate your Router from other devices in the network, you should configure a Hostname for your device.

Router(config)# hostname My-Router My-Router(config)#

Notice that your Router prompt changes to the new hostname that you have just set.

Step3: Configure IP addresses for Router Interfaces

This is an essential step in order for your router to be able to forward packets in the network. The most basic parameter for a Router Interface is the IP address. From Global Configuration Mode you need to enter into Interface Configuration Mode:

My-Router(config)# interface serial 1/1 My-Router(config-if)# ip address My-Router(config-if)# no shutdown My-Router(config-if)# exit

My-Router(config)# interface fastethernet 0/1 My-Router(config-if)# ip address My-Router(config-if)# no shutdown My-Router(config-if)# exit

Step4: Configure Routing (Static or Dynamic)

The Router’s main purpose is to find the best route path towards a destination network and forward packets according to the best path. There are two main ways a router knows where to send packets. The administrator can assign static routes, or the router can learn routes by using a dynamic routing protocol. For simple network topologies, static routing is preferred over dynamic routing. Let’s see how to configure static routes from Global Configuration Mode.

My-Router(config)# ip route [destination network] [subnet mask] [gateway]

My-Router(config)# ip route

The command above tells the router that network is reachable via gateway address

Another popular static route that we usually configure on Internet Border routers is the default static route:

My-Router(config)# ip route

The default static route above instructs the router to send ALL packets that the router does not have a more specific route entry to gateway address (which might be the ISP gateway address).

Step5: Save your configuration

Save your current running configuration into NVRAM. This will overwrite the startup configuration.

My-Router(config)# exit My-Router# copy running-config startup-config

You can display your current configuration to verify your settings as following:

My-Router# show running-config

Basic Cisco Switch Configuration

In my opinion, the Cisco switches are the best in the market. Versatile, reliable, flexible and powerful, the Cisco switch product line (such as the 2960, 3560, 3750, 4500, 6500 etc) offer unparalleled performance and features.

Although a Cisco switch is a much simpler network device compared with other devices (such as routers and firewalls for example), many people have difficulties to configure a Cisco Catalyst Switch. Unlike other lower class switch vendors (which are plug-and-play), the Cisco switch needs some initial basic configuration in order to enable management, security and some other important features.

In this article I will describe the basic steps needed to configure a Cisco switch from scratch. I don’t like graphical GUI or web management at all, so I will show you command line configuration which is much more powerful and makes the administrators learn what they are doing on the device.

STEP1: Connect to the device via console

Use a terminal emulation software such as PuTTY and connect to the console of the switch. You will get the initial command prompt “Switch>

Type “enable” and hit enter. You will get into privileged mode (“Switch#”)

Now, get into Global Configuration Mode:

Switch# configure terminal Switch(config)#

STEP2: Set up a hostname for the particular switch to distinguish it in the network

Switch(config)# hostname access-switch1


STEP3: Configure an administration password (enable secret password)

access-switch1(config)# enable secret somestrongpass

STEP4: Configure a password for Telnet access

access-switch1(config)# line vty 0 15 access-switch1(config-line)# password strongtelnetpass access-switch1(config-line)# login access-switch1(config-line)# exit


STEP5: Define which IP addresses are allowed to access the switch via Telnet

access-switch1(config)# ip access-list standard TELNET-ACCESS access-switch1(config-std-nacl)# permit access-switch1(config-std-nacl)# permit access-switch1(config-std-nacl)# exit

!Apply the access list to Telnet VTY Lines access-switch1(config)# line vty 0 15 access-switch1(config-line)# access-class TELNET-ACCESS in access-switch1(config-line)# exit


STEP6: Assign IP address to the switch for management

!Management IP is assigned to Vlan 1 by default access-switch1(config)# interface vlan 1 access-switch1(config-if)# ip address access-switch1(config-if)# exit


STEP7: Assign default gateway to the switch

access-switch1(config)# ip default-gateway

STEP8: Disable unneeded ports on the switch

! This step is optional but enhances security ! Assume that we have a 48-port switch and we don’t need ports 25 to 48

access-switch1(config)# interface range fe 0/25-48 access-switch1(config-if-range)# shutdown access-switch1(config-if-range)# exit


STEP9: Save the configuration

access-switch1(config)# wr

The above are some steps that can be followed for basic set-up of a Cisco switch. Of course there are more things you can configure (such as SNMP servers, NTP, AAA etc) but those depend on the requirements of each particular network.