In this
article we would extend what you have learnt from previous article. In previous
article you have learnt
- How to check running
configuration in Cisco router
- How to check history
- How to check Router version
- How to check Router hardware
platform
- How to know DCE or DTE port
We would use
same topology which we have created in our previous article. Either create a
topology as given in following image
Click inside
the Router and select CLI and press Enter to get started. Setup mode
start automatically if there is no startup configuration present. The answer
inside the square brackets [ ], is the default answer. If this is the
answer you want, just press enter. Pressing CTRL+C at any time will end
the setup process, shut down all interfaces, and take you to user mode (Router>).
You cannot
use setup mode to configure an entire router. It does only the basics. For
example, you can only turn on either RIPv1 or Interior Gateway Routing Protocol
(IGRP), but not Open Shortest Path First Protocol (OSPF) or Enhanced Interior
Gateway Routing Protocol (EIGRP). You cannot create access control lists (ACL)
here or enable Network Address Translation (NAT). You can assign an IP address
to an interface, but not to a subinterface. All in all, setup mode is very
limiting.
--- System Configuration Dialog --- Continue with
configuration dialog? [yes/no]:
Write no
and press enter. To get router prompt
You are now
connected to Router and are in user mode prompt. The prompt is broken
down into two parts, the hostname and the mode. "Router" is the
Router0's hostname and ">" means you are in user
mode.
Press RETURN to get started
Router>
User mode is indicated with the '>' next
to the router name. in this mode you can look at settings but can not make
changes.
In Privilege mode(indicated by the '#', you can do anything). To get into privilege mode the keyword is enable.
In Privilege mode(indicated by the '#', you can do anything). To get into privilege mode the keyword is enable.
Next type
the command enable to get to the privileged mode prompt.
Router > enable
Router#
To get back
to the user mode, simply type disable. From the user mode type logout
or exit to leave the router.
Router#disable
Router>
Router>exit
Router con0 is now available
Press RETURN to get started
press enter
to get back router prompt
Router>
You are now
in User mode. Type ? to view all the available commands at this prompt.
Router>?
From
privilege mode you can enter in configuration mode by typing configure
terminal you can exit configuration mode type exit or <CTL>+z
Router>enable
Router#config terminal
Router(config)#exit
Router#
To view all
commands available from this mode type ? and press enter This will give
you the list of all available commands for the router in your current mode. You
can also use the question mark after you have started typing a command. For
example if you want to use a show command but you do not remember which
one it uses 'show ?' will output all commands that you can use with the show
command.
Router#show ?
access-expression List access expression
access-lists List access lists
backup Backup status
cdp CDP information
clock Display the system clock
cls DLC user information
compress Show compression statistics
configuration Contents of Non-Volatile memory
--More--
Basic Global Configurations mode Commands
Configuring a Router Name
This command
works on both routers and switches
Router(config)#hostname Lucknow Lucknow(config)#
You could
choose any descriptive name for your cisco devices
Configuring Passwords
This command
works on both routers and switches
|
Router(config)#enable password
test
|
Sets enable password to test
|
|
Router(config)#enable secret
vinita
|
Sets enable secret password to vinita
|
|
Router(config)#line console 0
|
Enters console line mode
|
|
Router(config-line)#password
console
|
Sets console line mode password to
console
|
|
Router(config-line)#login
|
Enables password checking at login
|
|
Router(config)#line vty 0 4
|
Enters vty line mode for all five
vty lines
|
|
Router(config-line)#password
telnet
|
Sets vty password to telnet
|
|
Router(config-line)#login
|
Enables password checking at login
|
|
Router(config)#line aux 0
|
Enters auxiliary line mode
|
|
Router(config-line)#password aux
|
Sets auxiliary line mode password
to aux
|
|
Router(config-line)#login
|
Enables password checking at login
|
CAUTION: The
enable secret password is encrypted by default. The enable password is not. For
this reason, recommended practice is that you never use the enable password
command. Use only the enable secret password command in a router or switch
configuration.
You cannot set both enable secret password and enable password to the same password. Doing so defeats the use of encryption.
You cannot set both enable secret password and enable password to the same password. Doing so defeats the use of encryption.
Configuring a Fast Ethernet Interface
|
Router(config)#interface
fastethernet 0/0
|
Moves to Fast Ethernet 0/0
interface configuration mode
|
|
Router(config-if)#description
Student Lab LAN
|
Optional descriptor of the link is
locally significant
|
|
Router(config-if)#ip address
192.168.20.1 255.255.255.0
|
Assigns address and subnet mask to
interface
|
|
Router(config-if)#no shutdown
|
Turns interface on
|
Creating a Message of the Day Banner
Router(config)#banner motd # Next Schedule metting with
manager is Postponed #
Router(config)#
The MOTD
banner is displayed on all terminals and is useful for sending messages that
affect all users. Use the no banner motd command to disable the MOTD
banner. The MOTD banner displays before the login prompt and the login banner,
if one has been created.
Creating a Login Banner
Router(config)#banner login # Unauthorized access is
prohibited !
Please enter your username and password. #
Router(config)#
The login
banner displays before the username and password login prompts. Use the no
banner login command to disable the login banner. The MOTD banner displays
before the login banner.
# is known as a delimiting character.
The delimiting character must surround the banner and login message and can be
any character so long as it is not a character used within the body of the
message
Assigning a Local Host Name to an IP Address
Router(config)#ip host Lucknow 172.16.1.1
Assigns a
host name to the IP address. After this assignment, you can use the host name
rather than an IP address when trying to Telnet or ping to that address
The no ip domain-lookup Command
Router(config)#no ip domain-lookup
Router(config)#
Turns off
trying to automatically resolve an unrecognized command to a local host name
Ever type in
a command incorrectly and are left having to wait for a minute or two as the
router tries to translate your command to a domain server of 255.255.255.255?
The router is set by default to try to resolve any word that is not a command
to a Domain Name System (DNS) server at address 255.255.255.255. If you are not
going to set up DNS, turn off this feature to save you time as you type,
especially if you are a poor typist
The logging synchronous Command
Router(config)#line console 0
Router(config-line)#exec-timeout 0 0
Router(config-line)#
Sets the
time limit when the console automatically logs off. Set to 0 0 (minutes
seconds) means the console never logs off.
The command exec-timeout 0 0 is great for a lab environment because the console never logs out. This is considered to be bad security and is dangerous in the real world. The default for the exec-timeout command is 10 minutes and zero (0) seconds (exec-timeout 10 0).
The command exec-timeout 0 0 is great for a lab environment because the console never logs out. This is considered to be bad security and is dangerous in the real world. The default for the exec-timeout command is 10 minutes and zero (0) seconds (exec-timeout 10 0).
Saving and erasing configurations
|
Router(config)#exit
|
Bring you back in Privilege exec
mode
|
|
Router#copy running-config
startup-config
|
Saves the running configuration to
local NVRAM
|
|
Router#copy running-config tftp
|
Saves the running configuration
remotely to a TFTP server
|
|
Router#erase startup-config
|
Deletes the startup configuration
file from NVRAM
|
Configuration Example: Basic Router Configuration
Click inside
the Router and select CLI and press Enter to get started.
--- System
Configuration Dialog ---
Continue with configuration dialog? [yes/no]: no
Press RETURN to get started!
Router>enable
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname R1
R1(config)#interface fastethernet 0/0
R1(config-if)#description Student Lab LAN
R1(config-if)#ip address 192.168.20.1 255.255.255.0
R1(config-if)#no shutdown
%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to
up
%LINEPROTO-5-UPDOWN: Line protocol on Interface
FastEthernet0/0, changed state to up
R1(config-if)#exit
R1(config)#banner motd # Next Schedule metting with is
postponed #
R1(config)#banner login # Unauthorized access is prohibited !
Enter you user name
and password #
R1(config)#ip host Lucknow 172.16.1.1
R1(config)#no ip domain-lookup
R1(config)#line console 0
R1(config-line)#exec-timeout 0 0
R1(config-line)#logging synchronous
R1(config-line)#password consloe
R1(config-line)#login
R1(config-line)#exit
R1(config)#line vty 0 4
R1(config-line)#password telnet
R1(config-line)#login
R1(config-line)#exit
% Unrecognized command
R1(config)#enable password test
R1(config)#enable secret vinita
R1(config)#exit
%SYS-5-CONFIG_I: Configured from console by console
R1#copy running-config startup-config
Destination filename [startup-config]?
Building configuration...
[OK]
R1#
I have
uploaded a configured and tested topology in case you are unable to locate the
problem spot then download this configuration file. And try to find out where
have you committed mistake
0 comments:
Post a Comment