Experiment 1: Cisco router base configuration

Source: Internet
Author: User



1. Operating modes of the router:
Router> User mode, typically used to view statistics; the router's settings cannot be modified here.
Router# Privileged mode, where you can view and modify the router's configuration; show commands are typically run here.
Router(config)# Global configuration mode, where you modify the current running configuration.
Router(config-if)# Interface mode, used to configure the router's physical and loopback interfaces.
Router(config-subif)# Sub-interface mode, used to configure logical interfaces created on the router.
Router(config-line)# Line mode (console and other lines), typically used to configure user-mode passwords.
Router(config-router)# Routing protocol mode, where routing protocols such as RIP, IGRP, and so on are configured.







2. Required configuration when logging in to the router:
Router>logout //Exit the console session
Router>enable //Enter privileged mode from user mode
Router#disable //Return to user mode from privileged mode
Router#configure terminal //Enter global configuration mode
Router(config)#no ip domain-lookup //Turn off dynamic name resolution
Router(config)#line console 0 //Configure the console port
Router(config-line)#exec-timeout 0 0 //Switch off the console session timeout; no exec-timeout does the same
Router(config-line)#logging synchronous //Synchronize logging so that console messages do not interrupt your input
Router(config-line)#exit
Router(config)#


3. Basic router configuration
Router(config)#hostname R1 //Change the router's name
R1#clock set 15:05:33 February 2006 //Configure the clock
R1(config)#banner motd #
This is the Cisco Router 2620. //Configure the message-of-the-day (MOTD) banner, which is displayed when you log on to the router
#
R1(config)#
R1(config)#int s1/0
R1(config-if)#ip add 12.1.1.1 255.255.255.0 //Configure the IP address of the interface
R1(config-if)#clock rate 64000 //Configure the clock on the DCE side
R1(config-if)#no shutdown
R1(config)#ip host R2 12.1.1.2 //Add a host name record
R1#telnet 12.1.1.2
R1#12.1.1.2 or R2 //Either of these two forms also logs in to R2


4. Set the passwords
R1#conf t
R1(config)#enable password tree //Privileged-mode password, stored in clear text
R1(config)#enable secret tree1 //Same function as above, takes precedence, stored as ciphertext
If both passwords are set at the same time, the ciphertext password takes effect.
R1(config)#username CCNA privilege password liming //Create a local user name and password
R1(config)#line con 0
R1(config-line)#password liming //Set the password required to log on to the router before entering user mode
R1(config-line)#login //Enable login password verification
or R1(config-line)#login local //Authenticate with a local user name and password
R1(config-line)#line vty 0 4 //Configure the 5 lines 0-4 used for Telnet access to the router
R1(config-line)#pass liming //Set the router's terminal login password; without it, login is not possible
R1(config-line)#login
or R1(config-line)#login local //Authenticate with a local user name and password
R1(config)#service password-encryption //Encrypt the passwords
R1(config)#Ctrl+Z //end, exit and Ctrl+Z are the three exit commands
R1#sh run //Display the result; the passwords are now encrypted
R1#logout //Exit the console to verify the password configuration; exit can also be used


5. Cancel the passwords
R1#conf t
R1(config)#no enable password
R1(config)#no enable secret
R1(config)#line con 0
R1(config-line)#no pass
R1(config-line)#no login
R1(config-line)#line vty 0 4
R1(config-line)#no pass
R1(config-line)#no login
R1(config-line)#line aux 0
R1(config-line)#no pass
R1(config-line)#no login
R1(config-line)#end



6. View the router's information

R1#show clock //View the configured clock
R1#sh history //View the commands that were recently entered on the router
R1#sh terminal //View the size of the terminal history
R1#terminal history size 22 //Change the history size to 22
R1#sh version //Display the router's version information
R1#sh flash //Display the IOS image in the router's flash, the total flash size and the free space
R1#sh sessions //Display session records, often used on terminals
R1#sh ip arp //Display the ARP table cached in the router
R1#sh controller s1/0 //View s1/0 information
R1#sh startup-config //Show the configuration that will be used the next time the router reloads
R1#sh running-config //Display the current configuration
R1#copy run star //Save the current configuration as the boot-time configuration; write memory also works
R1#sh run
R1#erase startup-config //Delete the boot configuration
R1#reload //Restart the router
















R1(config)#banner motd #----------Configure the router so that a banner is displayed when logging in on the console port

Content

#---Exit

R1(config-if)#description "TO_BJ_R2_E0"-----Describe the interface

Router(config)#line console 0
Router(config-line)#password Cisco //Case sensitive; spaces can also be part of a password
Router(config-line)#login

Router(config)#line vty 0 4
Router(config-line)#password Cisco---for the Telnet service
Router(config-line)#login

To configure a host name to IP address mapping:
Router(config)#ip host STSD 192.168.113.1
ping STSD = ping 192.168.113.1

To clear the router's boot configuration:
Router#erase startup-config

Router(config)#enable password 123------plaintext password
Router(config)#enable secret ABC------ciphertext password (invalidates the plaintext password). Note: spaces can also be part of a password
Note: When setting a privileged password for a router, if both a plaintext password and a ciphertext password are configured, the ciphertext password is the one that takes effect.






Router(config)#line console 0
Router(config-line)#exec-timeout 0 0 or no exec-timeout //Never time out
Router(config-line)#logging synchronous //Display synchronization

Router(config)#no ip domain-lookup //Turn off the router's domain lookup function (the purpose of this command: when we mistype a command, the router assumes it is not an error but a domain name and tries to resolve it, which wastes our precious time).



Configuring a router as a PC
1. Turn off the router's routing function-----PC1(config)#no ip routing
2. Set the interface IP address

PC1(config)#interface ethernet 0
PC1(config-if)#ip address 11.1.1.4 255.255.255.0------Note: Set the interface IP address and enable the interface
PC1(config-if)#no shutdown
PC1(config-if)#exit

3. Configure the default gateway
PC1(config)#ip default-gateway 11.1.1.1----------------Note: Configure the default gateway




Router#show running-config------View the current configuration in RAM
Router#show startup-config------View the configuration in NVRAM

Router#copy running-config startup-config------Save the configuration in RAM to NVRAM
Router#wr------The simplest command for saving the configuration

Router#copy startup-config running-config------Load the configuration in NVRAM into RAM




Configure passwords for Telnet users
R1(config)#line vty 0 4
R1(config-line)#password Cisco
R1(config-line)#login / no login / login local
Note:
1. With the login command, anyone who telnets to this device must enter the password to reach user mode.
2. With the no login command, anyone who telnets to this device goes directly into user mode without entering a password.
3. With the login local command, anyone who telnets to this device must provide not only the password but also the corresponding user name to log in.



RACK01R1(config)#line console 0 //(= line 0)

RACK01R1(config-line)#exec-timeout 3 0 //Configure the timeout (default 10 minutes)
RACK01R1(config-line)#exec-timeout 0 0 //Never time out
RACK01R1(config-line)#no exec-timeout //Never time out


6-3: Configure display synchronization
RACK01R1(config-line)#logging synchronous //Stops console messages from interrupting your current input, making what you type easier to read.



Cisco Internetwork Operating System (IOS) is the network operating system. An image is typically named in this format: C3640-js-mz[1].122-29.bin; bin means it is a binary file, so that it can run faster.
It is typically stored in the flash memory of a router or switch, which reads faster than ordinary storage such as a hard disk.




Second, PING







Ping: test connectivity to a remote host or remote site
Trace: record every hop passed through and return the information

5. Common TCP/IP test commands-----the ping command
Experiment objective: Learn the use of ping and extended ping
Learn to use the ping command to detect network faults
1 Usage and results of the normal ping command
Router#ping 3.3.3.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/115/212 ms
2 Extended ping
Router#ping
Protocol [IP]: //protocol used
Target IP address: 3.3.3.3 //destination IP address
Repeat count [5]: //number of pings
Datagram size [100]: //packet size
Timeout in seconds [2]: //timeout
Extended commands [n]: Y
Source address or interface: 23.0.0.1 //source address
Type of service [0]: //type of service
Set DF bit in IP header? [No]: //whether to prohibit fragmentation
Validate reply data? [No]:
Data pattern [0xABCD]:
Loose, Strict, Record, Timestamp, Verbose[none]: //loose or strict route selection, timestamp
Sweep range of sizes [n]:
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:
Packet sent with a source address of 23.0.0.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 40/85/216 ms






The network functions that can be checked with the ping command:
ping 127.0.0.1-----pinging the loopback interface tests the basic TCP/IP network configuration
ping the host's own IP address----tests the TCP/IP address configuration of the local host
ping the default gateway------checks whether the router connecting the local network to other networks is reachable
ping a domain name------checks whether DNS is working properly
ping a remote destination IP address-----checks connectivity to the remote host



Result characters frequently encountered in ping output on routers or switches:
Exclamation mark (!): Indicates successful receipt of a reply.
Period (.): Indicates a timeout while waiting for a reply.
U: Indicates that the target host is unreachable.
Q: Indicates that the target host is busy.
M: Indicates that the packet could not be fragmented.
?: Indicates an unknown packet type.
&: Indicates that the packet's lifetime has been exceeded.


Third, Telnet






Telnet

1. show sessions: see which devices this device has telnetted to
2. show users: see which devices are logged on to this device

3. Suspend a Telnet session: Ctrl-Shift-6, then x
4. Return to the last session: resume 1, or press Enter twice
5. Close a Telnet session
A. Close a session established by this device--disconnect
B. Close a session established by a remote device--clear line 11


Get information about a remote device: Telnet






Experiment purpose: From R1, telnet to R2 (12.1.1.2) and R3 (13.1.1.3) to manage R2 and R3 remotely.
Configure on R1:
R1#telnet 12.1.1.2 //telnet from R1 to R2
Trying 12.1.1.2 ... Open
User Access Verification
Password:
R2>
Press <Ctrl-Shift-6> x to switch back to R1
R1#telnet 13.1.1.3 //telnet from R1 to R3
Trying 13.1.1.3 ... Open
User Access Verification
Password:
R3>
Press <Ctrl-Shift-6> x to switch back to R1
R1#show sessions //See how many Telnet sessions are open on R1
Conn Host Address Byte Idle Conn Name
1 12.1.1.2 12.1.1.2 0 0 12.1.1.2
* 2 13.1.1.3 13.1.1.3 0 0 13.1.1.3
R1#resume 2 //Reconnect to R3
[Resuming Connection 2 to 13.1.1.3 ...]
R3>
Press <Ctrl-Shift-6> x to switch back to R1
R1#
R1#show session
Conn Host Address Byte Idle Conn Name
1 12.1.1.2 12.1.1.2 6 10 12.1.1.2
* 2 13.1.1.3 13.1.1.3 0 0 13.1.1.3
R1#disconnect 1 //Actively close the session from R1 to R2 (disconnects a Telnet session)
Closing connection to 12.1.1.2 [confirm]
Experiment on R2:
R2#show users //On R2, see who is logged on to the R2 router
Line User Host (s) Idle location
* 0 Con 0 idle 00:00:00
2 vty 0 Idle 00:01:52 12.1.1.1
Interface User Mode Idle Peer Address
R2#clear line 2 //Someone has telnetted in; clear that connection
[Confirm]
[OK]
R2#show users
Line User Host (s) Idle location
* 0 Con 0 idle 00:00:00
Interface User Mode Idle Peer Address
Tip: The differences between the commands used to manage Telnet sessions.
show sessions //view how many Telnet sessions this router or switch has actively opened
show users //view who has telnetted in to this router or switch; displays the peer's IP address
disconnect //actively close a Telnet session that was opened from this router
clear line //clear a remote connection: when you discover an inbound Telnet session, clear it
Ctrl+Shift+6 x //switch between Telnet sessions
resume + session ID //reconnect; run show sessions first to get the ID
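
The show users / clear line check on R2 can be scripted against saved command output. This Python sketch is an added example, not part of the original page; the function names, the allow-list of management peers and the third sample row are assumptions made for illustration.

```python
import re

# Sample "show users" output: the first rows follow the R2 output on this page,
# the last row (a session with a user name) is constructed.
SAMPLE = """\
Line User Host (s) Idle location
* 0 Con 0 idle 00:00:00
2 vty 0 Idle 00:01:52 12.1.1.1
3 vty 1 Cisco idle 00:00:07 13.1.1.3
Interface User Mode Idle Peer Address
"""

ROW = re.compile(r"^\*?\s*(\d+)\s+(con|aux|vty)\s+(\d+)\s+(.*)$", re.I)
IPV4 = re.compile(r"^\d{1,3}(\.\d{1,3}){3}$")

def remote_sessions(show_users):
    """Return one dict per vty row: absolute line number, vty index, user, peer."""
    sessions = []
    for raw in show_users.splitlines():
        m = ROW.match(raw)
        if not m or m.group(2).lower() != "vty":
            continue                      # header rows and console/aux lines
        rest = m.group(4).split()
        peer = rest[-1] if rest and IPV4.match(rest[-1]) else None
        # four trailing columns means the User column is filled (login local)
        user = rest[0] if peer and len(rest) == 4 else None
        sessions.append({"line": int(m.group(1)), "vty": int(m.group(3)),
                         "user": user, "peer": peer})
    return sessions

def unexpected(show_users, allowed_peers):
    """Return the 'clear line N' commands for sessions from unlisted peers."""
    return [f"clear line {s['line']}" for s in remote_sessions(show_users)
            if s["peer"] not in allowed_peers]

if __name__ == "__main__":
    print(unexpected(SAMPLE, {"12.1.1.1"}))
```

The number passed to clear line is the absolute line number in the first column, not the vty index.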



Fourth, SSH



Use SSH to remotely control remote devices (including network devices such as routers, switches or firewalls).
Note: SSH runs over the TCP protocol, with port number 22
Configuration steps (SSH server):
1. Configure the IP domain name
2. Generate the RSA keys
3. Configure the SSH timeout interval <optional>
4. Configure the SSH retries <optional>
5. Disable vty inbound Telnet sessions
6. Enable vty inbound SSH sessions
Example:
R1#configure terminal
R1(config)#ip domain-name cisco.com
R1(config)#crypto key generate rsa general-keys modulus 512
R1(config)#ip ssh timeout 120
R1(config)#ip ssh authentication-retries 4
R1(config)#username Cisco password Cisco
R1(config)#line vty 0 4
R1(config-line)#transport input none
R1(config-line)#transport input ssh
R1(config-line)#login local
R1(config-line)#end
Configuration steps (SSH client):
Take SecureCRT as an example:






At the prompt, enter the user name Cisco and the password Cisco; the device can then be controlled remotely.
Note: The advantage of SSH over Telnet is that the SSH session is encrypted, whereas the Telnet session is clear text.
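
The password settings from section 4 and the vty settings from the SSH server steps can be checked offline against a saved configuration. This Python sketch is an added example, not part of the original page or any Cisco tool; the audit function, its finding strings and both sample configurations (including the <hash-placeholder> values) are constructed for illustration.

```python
import re

# Constructed samples in running-config layout (not captured from a device).
WEAK = """enable password tree
username CCNA password liming
line con 0
 exec-timeout 0 0
 password liming
 login
line vty 0 4
 password liming
 login
"""
HARDENED = """enable secret 5 <hash-placeholder>
username Cisco secret 5 <hash-placeholder>
line vty 0 4
 transport input ssh
 login local
"""

def audit(config):
    """Return a list of findings for an IOS-style configuration text."""
    lines = [l.rstrip() for l in config.splitlines()]
    findings = []
    has = lambda prefix: any(l.startswith(prefix) for l in lines)
    if has("enable password") and not has("enable secret"):
        findings.append("enable password set without enable secret")
    blocks, current = {}, None          # "line ..." header -> its sub-commands
    for l in lines:
        m = re.match(r"username (\S+) (?:privilege \d+ )?password\b", l)
        if m:
            findings.append(f"user {m.group(1)}: 'password' instead of 'secret'")
        if l.startswith("line "):
            current = blocks.setdefault(l, [])
        elif l.startswith(" ") and current is not None:
            current.append(l.strip())
        else:
            current = None
    for header, cmds in blocks.items():
        if "exec-timeout 0 0" in cmds or "no exec-timeout" in cmds:
            findings.append(f"{header}: session never times out")
        if header.startswith("line vty"):
            tr = [c.split()[2:] for c in cmds if c.startswith("transport input")]
            allowed = tr[-1] if tr else ["(not set)"]   # last statement wins
            if allowed not in (["ssh"], ["none"]):
                findings.append(f"{header}: transport input {' '.join(allowed)}")
            if "login local" not in cmds:
                findings.append(f"{header}: password-only or no login")
    return findings
```

The RSA modulus does not appear in the running configuration, so the 512-bit key generated in the example above has to be reviewed on the device itself (show crypto key mypubkey rsa); 512 bits is too short for current use.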

