Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
In this chapter, youll learn how to configure a Cisco IOS router using both the initial setup mode and the Cisco IOS command-line interface (CLI). Through the IOS interface, you can configure passwords, banners, and more. Youll also learn the basics of router configurations in this chapter
2006 Glcat,Zyuanli,. All rights reserved.
Bringing Up a Routers
power-on self-test (POST) load the Cisco IOS from flash memory IOS loads and looks for a valid configuration(stored by default in nonvolatile RAM, or NVRAM)
Setup Mode
You have two options when using setup mode: Basic Management and Extended Setup. Basic Management only gives you enough configurations to allow connectivity to the router, but Extended Setup gives you the power to configure some global parameters as well as interface configuration parameters. To enter setup mode, just say yes or y to the following question:
2006 Glcat,Zyuanli,. All rights reserved.
--- System Configuration Dialog -- Would you like to enter the initial configuration dialog? [yes/no]:y At any point you may enter a question mark '?' for help.Use ctrl-c to abort configuration dialog at any prompt. Default settings are in square brackets '[]'.
2006 Glcat,Zyuanli,. All rights reserved.
Command-Line Interface
the command-line interface (CLI) truly is the best way to configure a router. I sometimes refer to the CLI as Cash Line Interface because if you can create advanced configurations on Cisco routers and switches using the CLI, then youll get the cash!
2006 Glcat,Zyuanli,. All rights reserved.
10
11
CLI Prompts
Router> User mode disenable config t decompressed Flash(IOS) RAM
Router(config)#
enable
copy
decompressed NVRAM
12
13
Hostnames
Router#config t Enter configuration commands, one per line. End with CNTL/Z. Router(config)#hostname Todd Todd(config)#hostname Atlanta Atlanta(config)# See here:
2006 Glcat,Zyuanli,. All rights reserved.
14
Banners
A banner is more than just a little cool one very good reason for having a banner is to give any and all who dare attempt to telnet or dial into your internetwork a little security notice.
15
exec process creation banner incoming terminal line banner login banner message of the day banner
16
Message of the day (MOTD) is the most extensively used banner. It gives a message to every person dialing into or connecting to the router via Telnet or auxiliary port, or even through a console port See here:
2006 Glcat,Zyuanli,. All rights reserved.
17
Setting Passwords
There are five passwords used to secure your Cisco routers:
console Auxiliary telnet (VTY) enable password enable secret.
18
Enable Passwords
Console and Auxiliary used to set your enable password thats used to secure privileged mode. This will prompt a user for a password when the enable command is used.
19
20
User-mode passwords
Router(config)#line ? <0-70> First Line number aux Auxiliary line console Primary terminal line tty Terminal controller vty Virtual terminal x/y Slot/Port for Modems
2006 Glcat,Zyuanli,. All rights reserved.
21
aux Sets the user-mode password for the auxiliary port. console Sets a console user-mode password. vty Sets a Telnet password on the router.
22
Telnet Password
Router(config-line)#line vty 0 ? <1-4> Last Line Number <cr> Router(config-line)#line vty 0 4 Router(config-line)# password todd2 Router(config-line)# login See here:
2006 Glcat,Zyuanli,. All rights reserved.
23
Because only the enable secret password is encrypted by default, youll need to manually configure the user-mode and enable passwords for encryption.
24
To manually encrypt your passwords, use the service password-encryption command. Router#config t Enter configuration commands, one per line. End with CNTL/Z. Router(config)#service passwordencryption
2006 Glcat,Zyuanli,. All rights reserved.
25
Descriptions
Setting descriptions on an interface is helpful to the administrator and, like the hostname, only locally significant.
26
Atlanta(config)#int e0 Atlanta(config-if)#description Sales Lan Atlanta(config-if)#int s0 Atlanta(config-if)#desc Wan to Miami circuit:6fdda4321 See here:
2006 Glcat,Zyuanli,. All rights reserved.
27
Router Interfaces
The 2500 router is a fixed configuration router, which means that when you buy that model, youre stuck with that physical configuration. 2600 router, interface type slot/port See here:
28
Bringing Up an Interface
You can turn an interface off with the interface command shutdown, and turn it on with the no shutdown command.
29
Router#config t Enter configuration commands, one per line. End with CNTL/Z. Router(config)#int ethernet0 Router(config-if)#no shutdown Router(config-if)#^Z 00:57:08: %LINK-3-UPDOWN: Interface Ethernet0, changed state to up 00:57:09: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0, changed state to up Router#sh int ethernet0 Ethernet0 is up, line protocol is up
30
See here:
31
32
If you want to add a second subnet address to an interface, you have to use the secondary parameter
33
34
35
Router#config t Enter configuration commands, one per line. End with CNTL/Z. Router(config)#int s0 Router(config-if)#clock rate ? Speed (bits per second) 1200 2400
2006 Glcat,Zyuanli,. All rights reserved.
36
Router(config-if)#clock rate 64000 %Error: This command applies only to DCE interfaces Router(config-if)#int s1 Router(config-if)#clock rate 64000 See here:
2006 Glcat,Zyuanli,. All rights reserved.
37
38
39
40
P166~172
41