View
218
Download
0
Category
Preview:
Citation preview
7/29/2019 16637_Chapter 4 Introduction to the Cisco IOS
1/41
111 2006 Glcat,Zyuanli,. All rights reserved.
Introduction to the Cisco IOS
In this chapter, youll learn how to
configure a Cisco IOS router using both
the initial setup mode and the Cisco IOS
command-line interface (CLI). Through the
IOS interface, you can configure
passwords, banners, and more. Youll also
learn the basics of router configurations inthis chapter
7/29/2019 16637_Chapter 4 Introduction to the Cisco IOS
2/41
222 2006 Glcat,Zyuanli,. All rights reserved.
Cisco Router IOS
Carrying network protocols and functions
Connecting high-speed traffic betweendevices
Adding security to control access and stopunauthorized network use
Providing scalability for ease of network
growth and redundancy Supplying network reliability for connecting
to network resources
7/29/2019 16637_Chapter 4 Introduction to the Cisco IOS
3/41
333 2006 Glcat,Zyuanli,. All rights reserved.
Connecting to a Cisco Router
7/29/2019 16637_Chapter 4 Introduction to the Cisco IOS
4/41
444 2006 Glcat,Zyuanli,. All rights reserved.
7/29/2019 16637_Chapter 4 Introduction to the Cisco IOS
5/41
555 2006 Glcat,Zyuanli,. All rights reserved.
7/29/2019 16637_Chapter 4 Introduction to the Cisco IOS
6/41
666 2006 Glcat,Zyuanli,. All rights reserved.
Bringing Up a Routers
power-on
self-test (POST) load the Cisco IOS from flash memory
IOS loads and looks for a valid
configuration(stored by default innonvolatile RAM, or NVRAM)
7/29/2019 16637_Chapter 4 Introduction to the Cisco IOS
7/41777 2006 Glcat,Zyuanli,. All rights reserved.
Setup Mode
You have two options when using setup mode:
Basic Managementand Extended Setup.
Basic Management only gives you enoughconfigurations to allow connectivity to the router,
but Extended Setup gives you the power to
configure some global parameters as well as
interface configuration parameters. To entersetup mode, just say yes or y to the following
question:
7/29/2019 16637_Chapter 4 Introduction to the Cisco IOS
8/41888 2006 Glcat,Zyuanli,. All rights reserved.
--- System Configuration Dialog ---
Would you like to enter the initial
configuration dialog? [yes/no]:y
At any point you may enter a question
mark '?' for help.Use ctrl-c to abortconfiguration dialog at any prompt.
Default settings are in square brackets '[]'.
7/29/2019 16637_Chapter 4 Introduction to the Cisco IOS
9/41999 2006 Glcat,Zyuanli,. All rights reserved.
Command-Line Interface
the command-line interface (CLI) truly is
the best way to configure a router. I
sometimes refer to the CLI as Cash Line
Interface because if you can create
advanced configurations on Cisco routers
and switches using the CLI, then youll getthe cash!
7/29/2019 16637_Chapter 4 Introduction to the Cisco IOS
10/41101010 2006 Glcat,Zyuanli,. All rights reserved.
Logging into the Router
After the interface status messagesappear and you press Enter, the Router>prompt will appear. This is called user
exec mode (user mode) and its mostlyused to view statistics, but its also astepping-stone to logging into privilegedmode. You can only view and change theconfiguration of a Cisco router inprivilegedexec mode (privileged mode), which youget into with the enable command.
7/29/2019 16637_Chapter 4 Introduction to the Cisco IOS
11/41111111 2006 Glcat,Zyuanli,. All rights reserved.
Router>
Router>enable
Router#
7/29/2019 16637_Chapter 4 Introduction to the Cisco IOS
12/41121212 2006 Glcat,Zyuanli,. All rights reserved.
CLI Prompts
User mode Privileged mode
Global configuration mode
Interface configuration mode
RAM
NVRAM
Flash(IOS)
copy decompressed
decompressed
enable
disenable
config t exit
exitInterfice
end or ctrl+z
Router> Router#
Router(config)#
Router(config-if)#
Router(config-subif)#
R t d S it h Ad i i t ti
7/29/2019 16637_Chapter 4 Introduction to the Cisco IOS
13/41131313 2006 Glcat,Zyuanli,. All rights reserved.
Router and Switch Administrative
Functions
Hostnames Banners
Password
Interface descriptions
7/29/2019 16637_Chapter 4 Introduction to the Cisco IOS
14/41141414
2006 Glcat,Zyuanli,. All rights reserved.
Hostnames
Router#config t
Enter configuration commands, one per
line. End with CNTL/Z.
Router(config)#hostname Todd
Todd(config)#hostname Atlanta Atlanta(config)#
See here:
http://localhost/var/www/apps/conversion/tmp/scratch_5/CCNA/Hostname%E8%AE%BE%E7%BD%AE/hostname.swfhttp://localhost/var/www/apps/conversion/tmp/scratch_5/CCNA/Hostname%E8%AE%BE%E7%BD%AE/hostname.swf7/29/2019 16637_Chapter 4 Introduction to the Cisco IOS
15/41151515
2006 Glcat,Zyuanli,. All rights reserved.
Banners
A banneris more than just a little cool
one very good reason for having a banneris to give any and all who dare attempt to
telnet or dial into your internetwork a little
security notice.
7/29/2019 16637_Chapter 4 Introduction to the Cisco IOS
16/41161616
2006 Glcat,Zyuanli,. All rights reserved.
four available banner types
exec process creation banner incoming terminal line banner
login banner
message of the day banner
7/29/2019 16637_Chapter 4 Introduction to the Cisco IOS
17/41171717
2006 Glcat,Zyuanli,. All rights reserved.
Message of the day (MOTD) is the most
extensively used banner. It gives a
message to every person dialing into or
connecting to the router via Telnet or
auxiliary port, or even through a console
port See here:
http://localhost/var/www/apps/conversion/tmp/scratch_5/CCNA/MOTD%E8%AE%BE%E7%BD%AE/MOTD.swfhttp://localhost/var/www/apps/conversion/tmp/scratch_5/CCNA/MOTD%E8%AE%BE%E7%BD%AE/MOTD.swf7/29/2019 16637_Chapter 4 Introduction to the Cisco IOS
18/41181818
2006 Glcat,Zyuanli,. All rights reserved.
Setting Passwords
There are five passwords used to secure
your Cisco routers:
console
Auxiliary
telnet (VTY)
enable password
enable secret.
7/29/2019 16637_Chapter 4 Introduction to the Cisco IOS
19/41191919
2006 Glcat,Zyuanli,. All rights reserved.
Enable Passwords
Console and Auxiliary used to set your
enable password thats used to secure
privileged mode. This will prompt a user
for a password when the enable command
is used.
examp e o sett ng t e ena e
7/29/2019 16637_Chapter 4 Introduction to the Cisco IOS
20/41
202020 2006 Glcat,Zyuanli,. All rights reserved.
examp e o sett ng t e ena epasswords:
Router(config)#enable secret todd
Router(config)#enable password todd
The enable password you have chosen is
the same as your enable secret. This is
not recommended. Re-enter the enable
password.
See here:
http://localhost/var/www/apps/conversion/tmp/scratch_5/CCNA/%E5%AF%86%E7%A0%81%E8%AE%BE%E7%BD%AE/%E5%AF%86%E7%A0%81%E8%AE%BE%E7%BD%AE.swfhttp://localhost/var/www/apps/conversion/tmp/scratch_5/CCNA/%E5%AF%86%E7%A0%81%E8%AE%BE%E7%BD%AE/%E5%AF%86%E7%A0%81%E8%AE%BE%E7%BD%AE.swf7/29/2019 16637_Chapter 4 Introduction to the Cisco IOS
21/41
212121 2006 Glcat,Zyuanli,. All rights reserved.
User-mode passwords
Router(config)#line ?
First Line number
aux Auxiliary line
console Primary terminal line
tty Terminal controller
vty Virtual terminal
x/y Slot/Port for Modems
7/29/2019 16637_Chapter 4 Introduction to the Cisco IOS
22/41
222222 2006 Glcat,Zyuanli,. All rights reserved.
aux Sets the user-mode password for the
auxiliary port.
console Sets a console user-mode
password.
vty Sets a Telnet password on the router.
7/29/2019 16637_Chapter 4 Introduction to the Cisco IOS
23/41
232323 2006 Glcat,Zyuanli,. All rights reserved.
Telnet Password
Router(config-line)#line vty 0 ?
Last Line Number
Router(config-line)#line vty 0 4
Router(config-line)# password todd2
Router(config-line)# login See here:
http://localhost/var/www/apps/conversion/tmp/scratch_5/CCNA/Vty%E5%AF%86%E7%A0%81%E8%AE%BE%E7%BD%AE/Vty%E5%AF%86%E7%A0%81%E8%AE%BE%E7%BD%AE.swfhttp://localhost/var/www/apps/conversion/tmp/scratch_5/CCNA/Vty%E5%AF%86%E7%A0%81%E8%AE%BE%E7%BD%AE/Vty%E5%AF%86%E7%A0%81%E8%AE%BE%E7%BD%AE.swf7/29/2019 16637_Chapter 4 Introduction to the Cisco IOS
24/41
242424 2006 Glcat,Zyuanli,. All rights reserved.
Encrypting Your Passwords
Because only the enable secret password
is encrypted by default, youll need tomanually configure the user-mode and
enable passwords for encryption.
7/29/2019 16637_Chapter 4 Introduction to the Cisco IOS
25/41
252525 2006 Glcat,Zyuanli,. All rights reserved.
To manually encrypt your passwords, use
the service password-encryption command.
Router#config t
Enter configuration commands, one per
line. End with CNTL/Z.
Router(config)#service password-
encryption
7/29/2019 16637_Chapter 4 Introduction to the Cisco IOS
26/41
262626 2006 Glcat,Zyuanli,. All rights reserved.
Descriptions
Setting descriptions on an interface is
helpful to the administrator and, like the
hostname, only locally significant.
7/29/2019 16637_Chapter 4 Introduction to the Cisco IOS
27/41
272727 2006 Glcat,Zyuanli,. All rights reserved.
Atlanta(config)#int e0
Atlanta(config-if)#description Sales Lan Atlanta(config-if)#int s0
Atlanta(config-if)#desc Wan to Miami
circuit:6fdda4321 See here:
http://localhost/var/www/apps/conversion/tmp/scratch_5/CCNA/Description/Description.swfhttp://localhost/var/www/apps/conversion/tmp/scratch_5/CCNA/Description/Description.swf7/29/2019 16637_Chapter 4 Introduction to the Cisco IOS
28/41
282828 2006 Glcat,Zyuanli,. All rights reserved.
Router Interfaces
The 2500 router is a fixed configuration
router, which means that when you buy
that model, youre stuck with that physicalconfiguration.
2600 router, interface type slot/port
See here:
http://localhost/var/www/apps/conversion/tmp/scratch_5/CCNA/%E6%8E%A5%E5%8F%A3%E9%80%89%E6%8B%A9/%E6%8E%A5%E5%8F%A3%E9%80%89%E6%8B%A9.swfhttp://localhost/var/www/apps/conversion/tmp/scratch_5/CCNA/%E6%8E%A5%E5%8F%A3%E9%80%89%E6%8B%A9/%E6%8E%A5%E5%8F%A3%E9%80%89%E6%8B%A9.swf7/29/2019 16637_Chapter 4 Introduction to the Cisco IOS
29/41
292929 2006 Glcat,Zyuanli,. All rights reserved.
Bringing Up an Interface
You can turn an interface off with the
interface command shutdown, and turn it
on with the no shutdown command.
7/29/2019 16637_Chapter 4 Introduction to the Cisco IOS
30/41
303030 2006 Glcat,Zyuanli,. All rights reserved.
Router#config t
Enter configuration commands, one per line. End with
CNTL/Z.
Router(config)#int ethernet0 Router(config-if)#no shutdown
Router(config-if)#^Z
00:57:08: %LINK-3-UPDOWN: Interface Ethernet0, changed
state to up
00:57:09: %LINEPROTO-5-UPDOWN: Line protocol on Interface
Ethernet0, changed state to up
Router#sh int ethernet0
Ethernet0 is up, line protocol is up
7/29/2019 16637_Chapter 4 Introduction to the Cisco IOS
31/41
313131 2006 Glcat,Zyuanli,. All rights reserved.
See here:
Configuring an IP Address on an
http://localhost/var/www/apps/conversion/tmp/scratch_5/CCNA/%E6%BF%80%E6%B4%BB%E6%8E%A5%E5%8F%A3/%E6%BF%80%E6%B4%BB%E6%8E%A5%E5%8F%A3.swfhttp://localhost/var/www/apps/conversion/tmp/scratch_5/CCNA/%E6%BF%80%E6%B4%BB%E6%8E%A5%E5%8F%A3/%E6%BF%80%E6%B4%BB%E6%8E%A5%E5%8F%A3.swf7/29/2019 16637_Chapter 4 Introduction to the Cisco IOS
32/41
323232 2006 Glcat,Zyuanli,. All rights reserved.
Configuring an IP Address on an
Interface
Router(config)#int e0 Router(config-if)#ip address 172.16.10.2
255.255.255.0
Router(config-if)#no shut
7/29/2019 16637_Chapter 4 Introduction to the Cisco IOS
33/41
333333 2006 Glcat,Zyuanli,. All rights reserved.
If you want to add a second subnet
address to an interface, you have to use
the secondary parameter
7/29/2019 16637_Chapter 4 Introduction to the Cisco IOS
34/41
343434 2006 Glcat,Zyuanli,. All rights reserved.
Router(config-if)#ip address 172.16.20.2255.255.255.0 secondary
Router(config-if)#^Z
7/29/2019 16637_Chapter 4 Introduction to the Cisco IOS
35/41
353535 2006 Glcat,Zyuanli,. All rights reserved.
Serial Interface Commands
there are a couple of things you need toknow.First, the interface will usually be attachedto a CSU/DSU type of device that providesclocking for the line to the router. But if you have
a back-to-back configuration (for example, onethats used in a lab environment), one endthedata communication equipment (DCE) end ofthe cablemust provide clocking. By default,Cisco routers are all data terminal equipment
(DTE) devices,so you must tell an interface toprovide clocking if you need it to act like a DCEdevice.
7/29/2019 16637_Chapter 4 Introduction to the Cisco IOS
36/41
363636 2006 Glcat,Zyuanli,. All rights reserved.
Router#config t
Enter configuration commands, one per
line. End with CNTL/Z. Router(config)#int s0
Router(config-if)#clock rate ?
Speed (bits per second) 1200
2400
7/29/2019 16637_Chapter 4 Introduction to the Cisco IOS
37/41
373737 2006 Glcat,Zyuanli,. All rights reserved.
Router(config-if)#clock rate 64000
%Error: This command applies only toDCE interfaces
Router(config-if)#int s1
Router(config-if)#clock rate 64000 See here:
Viewing Saving and
http://localhost/var/www/apps/conversion/tmp/scratch_5/CCNA/%E4%B8%B2%E8%A1%8C%E6%8E%A5%E5%8F%A3%E5%91%BD%E4%BB%A4/%E4%B8%B2%E8%A1%8C%E6%8E%A5%E5%8F%A3%E5%91%BD%E4%BB%A4.swfhttp://localhost/var/www/apps/conversion/tmp/scratch_5/CCNA/%E4%B8%B2%E8%A1%8C%E6%8E%A5%E5%8F%A3%E5%91%BD%E4%BB%A4/%E4%B8%B2%E8%A1%8C%E6%8E%A5%E5%8F%A3%E5%91%BD%E4%BB%A4.swf7/29/2019 16637_Chapter 4 Introduction to the Cisco IOS
38/41
383838 2006 Glcat,Zyuanli,. All rights reserved.
Viewing, Saving, and
Erasing Configurations
7/29/2019 16637_Chapter 4 Introduction to the Cisco IOS
39/41
393939 2006 Glcat,Zyuanli,. All rights reserved.
show running-config
show startup-config
7/29/2019 16637_Chapter 4 Introduction to the Cisco IOS
40/41
404040 2006 Glcat,Zyuanli,. All rights reserved.
NVRAM
(startup-config)
RAM
(running-config)
copy running-config startup-config Bringing Up and decompressed
show startup-config
erase startup-config
show running-config
7/29/2019 16637_Chapter 4 Introduction to the Cisco IOS
41/41
Verifying Your Configuration
P166~172
Recommended