Router Configuration Notes

7/30/2019 Router Configuration Notes

1/12

Page 1 of12

Router configuration

CABLING

Crossover Between host and routers

Straight-through Between routers/switches and routers/switches OR host toswitches

Rollover/Console Between host and routers/switches

Clear configuration

Remove the startup configuration from NVRAMSwitch#erase nvram

Remove the VLAN databaseSwitch#delete flash:vlan.datDelete filename [vlan.dat]?[Enter]Delete flash:vlan.dat? [confirm] [Enter]

Restart the software

Switch#reload

Basic configuration

Privileged modeRouter>enable

Configuration modeRouter#config termEnter configuration commands, one per line. End with CNTL/Z.

Change device (prompt) nameRouter(config)#hostname Router1

Configure a login bannerRouter(config)#banner login Authorized Personnel Only!

Configure a message of the day bannerRouter(config)#banner motd Authorized Personnel Only!

Set the switch default gatewayS1(config)#ip default-gateway 172.17.99.1

Disable DNS lookupS1(config)#no ip default-gateway

Encrypt privileged exec passwordRouter1(config)#enable secret class

Set console access passwordRouter1(config)#line console 0Router1(config-line)#password cisco

Router1(config-line)#loginRouter1(config-line)#logging synchronousRouter1(config-line)#exec-timeout 5

Set telnet access passwordRouter1(config-line)#line vty 0 4Router1(config-line)#password ciscoRouter1(config-line)#loginRouter1(config-line)#logging synchronousRouter1(config-line)#exec-timeout 5

Set the interface layer 3 address


2/12

Page 2 of12

Router1(config-line)#interface fa0/0Router1(config-if)#ip address 192.168.7.126 255.255.255.128Router1(config-if)#no shutdown

Set the interface descriptionRouter1(config-if)#description connection to host1

Exit from configuration modeRouter1(config-if)#end

Router1#show run

Configure the FastEthernet 0/1 interface on Router.

R1(config)#interface fastethernet 0/1

R1(config-if)#ip address 192.168.1.1 255.255.255.0

R1(config-if)#no shutdown

Configure the Serial 0/0/0 interface on Router DCE port.

R1(config)#interface serial 0/0/0


R1(config-if)#clock rate 64000


Configure the loopback interface.

R1(config)#interface loopback0



Router1#show interface brief

Initialize all ports in the shutdown stateSwitch#config termSwitch(config)#interface range fa0/1-24Switch(config-if-range)#shutdownSwitch(config-if-range)#interface range gi0/1-2Switch(config-if-range)#shutdown


3/12

Page 3 of12

CONFIGURE SERIAL INTERFACES

Configure PPP encapsulation with CHAP authentication

R1(config)#username R2 password ciscoR1(config)#interface Serial0/0/0R1(config-if)#encapsulation pppR1(config-if)#ppp authentication chapR1(config-if)#exit

Configure Frame Relay

R1(config)#interface Serial0/0/1R1(config-if)#encapsulation frame-relayR1(config-if)#frame-relay map ip 172.16.0.9 101 broadcastR1(config-if)#frame-relay map ip 172.16.0.10 101 broadcastR1(config-if)#frame-relay interface-dlci 101R1(config-if)#no keepaliveR1(config-if)#exit

Configure HDLC encapsulation

R2(config)#interface Serial0/0/1R2(config-if)# encapsulation hdlc

Router#show interface Serial0/0/0Router#show frame-relay pvcRouter#show frame-relay map


4/12

Page 4 of12

CONFIGURE ROUTING PROTOCOLS

Configure RIP routing on Router1.

R1(config)#router ripR1(config-router)#version 2R1(config-router)#network 10.0.0.0R1(config-router)#network 172.16.0.0R1(config-router)#passive-interface fastEthernet0/1R1(config-router)#no auto-summary

Configure static default route on Router2.

R2(config)#ip route 0.0.0.0 0.0.0.0 x.x.x.x or s 0/0 or loopback0

Configure RIP routing on Router2.

R2(config)#router rip

R2(config-router)#version 2R2(config-router)#network 172.16.0.0R2(config-router)#no auto-summaryR2(config-router)#redistribute static

Router#show ip protocolsRouter#show ip route

Configure OSPF routing on Router.

R1(config)#router ospf 1R1(config-router)#network 10.1.1.0 0.0.0.255 area 0

Configure OSPF priority

R1(config)#interface fastethernet 0/0R1(config)#ip ospf priority [255 to 0]

Configure OSPF cost

R1(config)#interface serial 0/0/0R1(config)#ip ospf cost [1]

1

Configure EIGRP routing on Router.

R1(config)#router eigrp 1

R1(config-router)#network 192.168.158.1 0.0.0.127

Discontiguous network.

R1(config)#router eigrp 1R1(config-router)#no auto-summary

Configure static default route.

R1(config)#ip route 0.0.0.0 0.0.0.0 x.x.x.x or s 0/0 or loopback


5/12

Page 5 of12

Configure DHCP server on route.

Include 192.168.1.100 to 192.168.1.254 in the DHCP-POOL

R1(config)#ip dhcp excluded-address 192.168.1.1 192.168.1.99R1(config)#ip dhcp pool DHCP-POOL

R1(dhcp-config)#network 192.168.1.0 255.255.255.0R1(dhcp-config)#default-router 192.168.1.1R1(dhcp-config)#dns-server 192.168.1.1

Configure DHCP client on route.

R1(config)#interface fastether0/0R1(config-if)#ip address dhcpR1(config-if)#no shutdown


6/12

Page 6 of12

Redistribute an eigrp default route

R1(config)#interface loopback0R1(config-if)#ip address 189.54.69.254 255.255.255.252Configure a static default routeR1(config)#ip route 0.0.0.0 0.0.0.0 loopback0Propagate or redistribute the static default route to other routers

R1(config)#router eigrp 1R1(config-router)#redistribute static

Redistribute an OSPF default route

R1(config)#interface loopback0R1(config-if)#ip address 189.54.69.254 255.255.255.252Configure a static default routeR1(config)#ip route 0.0.0.0 0.0.0.0 loopback0Propagate or redistribute the static default route to other routersR1(config)#router ospf 1R1(config-router)#default-information originate


7/12

Page 7 of12

To view the routing table and the cost

R1#show IP route

R1#show ip interface brief

To view info about routing protocol operation , the current router ID

R1#show ip protocols

To change router ID use loopback and issue

R1#reload or R1#clear ip ospf process command.

To view ospf configuration , the current router ID

R1#show ip ospf

To view neighbor adjacencies and DR, BDR, or DRother stateR1#show ip ospf neighbor

To view ospf DR, BDR, or DRother state, the current router ID, the routerpriorityR1#show ip ospf interface


8/12

Page 8 of12

CONFIGURE BASIC ROUTERSECURITY

Enable a secure Telnet login using local database

R2(config)#username cisco password ciscoR2(config)#aaa new-modelR2(config)#aaa authentication login LOCAL_database local

R2(config)#line vty 0 4R2(config)#login authentication LOCAL_database

Disable unused services and interfaces

R2(config)#no service pad

R2(config)#no service finger

R2(config)#no service udp-small-server

R2(config)#no service tcp-small-server

R2(config)#no ip bootp server

R2(config)#no ip http server

R2(config)#no ip finger

R2(config)#no ip source-route

R2(config)#no ip gratuitous-arps

R2(config)#no cdp run


9/12

Page 9 of12

CONFIGURE ACCESS CONTROL LISTS

Allow telnet to R1 and R3 from R2 only

R1(config)#access-list 101 permit tcp host 172.16.0.2 any eq 23R1(config)#access-list 101 permit tcp host 172.16.0.5 any eq 23R1(config)#access-list 101 deny tcp any any eq 23R1(config)#access-list 101 permit ip any any

R1(config)#line vty 0 4R1(config-line)#access-class 101 in

R3(config)#access-list 101 permit tcp host 172.16.0.2 any eq 23R3(config)#access-list 101 permit tcp host 172.16.0.5 any eq 23R3(config)#access-list 101 deny tcp any any eq 23R3(config)#access-list 101 permit ip any any

R3(config)#line vty 0 4R3(config-line)#access-class 101 in

Do not allow HTTP, Telnet, and FTP traffic from Internet to PC1

R2(config)#access-list 102 deny tcp any host 10.0.0.10 eq 80R2(config)#access-list 102 deny tcp any host 10.0.0.10 eq 23R2(config)#access-list 102 deny tcp any host 10.0.0.10 eq 21R2(config)#access-list 102 deny tcp any host 10.0.0.10 eq 20R2(config)#access-list 102 permit ip any any

R2(config)#interface Loopback0R2(config-if)#ip access-group 102 in

Do not allow PC1 to receive traffic from the 10.0.0.128/25 network

R3(config)#access-list 103 deny ip 10.0.0.128 0.0.0.127 host 10.0.0.10R3(config)#access-list 103 permit ip any any

R3(config)#interface Serial0/0/0R3(config-if)#ip access-group 103 out

R3(config)#interface Serial0/0/1R3(config-if)#ip access-group 103 out

Router#show ip access-lists


10/12

Page 10 of12

CONFIGURE NAT

Allow PC3 to ping PC1

R3(config)#access-list 104 permit ip 10.0.0.128 0.0.0.127 anyR3(config)#ip nat inside source list 104 interface Serial0/0/0 overload

R3(config)#interface fastEthernet0/1

R3(config-if)#ip access-group 104 in

R3(config-if)#ip nat inside

R3(config)#interface Serial0/0/0

R3(config-if)#ip nat outside

R3(config)#interface Serial0/0/1

R3(config-if)#ip nat outside

R3#show ip access-lists


11/12

Page 11 of12

Configure the trunking interface on Router.

R1(config)#interface fastethernet 0/1


R1(config-if)#interface fastethernet 0/1.1

R1(config-subif)#encapsulation dot1q 1

R1(config-subif)#ip address 172.17.1.1 255.255.255.0








R1(config-subif)#encapsulation dot1q 99 nativeR1(config-subif)#ip address 172.17.99.1 255.255.255.0

R1#show IP route

Configure the server LAN interface

R1(config)# interface FastEthernet0/0R1(config-if)#ip address 172.17.50.1 255.255.255.0R1(config-if)#description server interfaceR1(config-if)#no shutdownR1(config-if)#end

Configure host PCs.

Configure OSPF routing on Router.

R1(config)#router ospf 1R1(config-router)#network 10.1.1.0 0.0.0.255 area 0

R1#show IP route

Configure RIP routing on Router.

R1(config)#router ripR1(config-router)#network 10.1.1.0

R1#show IP route

Configure EIGRP routing on Router.

R1(config)#router eigrp 1


12/12

Page 12 of12

R1(config-router)#network 10.1.1.0 0.0.0.255

R1#show IP route

Documents

Router Configuration Notes