Thursday, 29 March 2012

SDM


Cisco Router and Security Device Manager (SDM) is a Web-based device-management tool for Cisco routers that can improve the productivity of network managers, simplify router deployments, and help troubleshoot complex network and VPN connectivity issues.


It ships preinstalled on all new Cisco 850 Series, Cisco 870 Series, Cisco 1800 Series, Cisco 2800 Series, and Cisco 3800 Series integrated services routers.

Network and security administrators and channel partners can use Cisco SDM for faster and easier deployment of Cisco routers for integrated services such as dynamic routing, WAN access, WLAN, firewall, VPN, SSL VPN, IPS, and QoS.

Saving Backup Copies of Your Configuration and System Image


DETAILED STEPS


 
Command or Action
Purpose
Step 1 
enable
Example:
Router> enable
Enables privileged EXEC mode.
Enter your password if prompted.
Step 2 
copy nvram:startup-config {ftp: | rcp: | tftp:}
Example:
Router# copy nvram:startup-config ftp:
Copies the startup configuration file to a server.
The configuration file copy can serve as a backup copy.
Enter the destination URL when prompted.
Step 3 
show flash:
Example:
Router# show flash:
Displays the layout and contents of a flash memory file system.
Learn the name of the system image file.
Step 4 
copy flash: {ftp: | rcp: | tftp:}
Example:
Router# copy flash: ftp:
Copies a file from flash memory to a server.
Copy the system image file to a server to serve as a backup copy.
Enter the filename and destination URL when prompted.

 

Saving Your Router Configuration


DETAILED STEPS


 
Command or Action
Purpose
Step 1 
enable
Example:
Router> enable
Enables privileged EXEC mode.
Enter your password if prompted.
Step 2 
copy running-config startup-config
Example:
Router# copy running-config startup-config
Saves the running configuration to the startup configuration.

 

Verifying Network Connectivity


DETAILED STEPS


 
Command or Action
Purpose
Step 1 
enable
Example:
Router> enable
Enables privileged EXEC mode.
Enter your password if prompted.
Step 2 
ping [ip-address | hostname]
Example:
Router# ping 172.16.74.5
Diagnoses basic network connectivity.
To verify connectivity, ping the next hop router or connected host for each configured interface.
Step 3 
telnet {ip-address | hostname}
Example:
Router# telnet 10.20.30.40
Logs in to a host that supports Telnet.
If you want to test the vty line password, perform this step from a different network device, and use your router's IP address.

 

Configuring Virtual Terminal Lines for Remote Console Access


DETAILED STEPS


 
Command or Action
Purpose
Step 1 
enable
Example:
Router> enable
Enables privileged EXEC mode.
Enter your password if prompted.
Step 2 
configure terminal
Example:
Router# configure terminal
Enters global configuration mode.
Step 3 
line vty line-number [ending-line-number]
Example:
Router(config)# line vty 0 4
Starts the line configuration command collection mode for the virtual terminal lines (vty) for remote console access.
Make sure that you configure all vty lines on your router.
Note: To verify the number of vty lines on your router, use the line vty ? command.
Step 4 
password password
Example:
Router(config-line)# password guessagain
Specifies a password on a line.
Step 5 
login
Example:
Router(config-line)# login
Enables password checking at login.
Step 6 
end
Example:
Router(config-line)# end
Returns to privileged EXEC mode.
Step 7 
show running-config
Example:
Router# show running-config
Displays the running configuration file.
Verify that you properly configured the virtual terminal lines for remote access.
Step 8 
From another network device, attempt to open a Telnet session to the router.
Example:
Router# telnet 172.16.74.3 
or
Router# 172.16.74.3
Password:
Verifies that you can remotely access the router and that the virtual terminal line password is correctly configured.

Specifying a Default Route or Gateway of Last Resort


DETAILED STEPS


 
Command or Action
Purpose
Step 1 
enable
Example:
Router> enable
Enables privileged EXEC mode.
Enter your password if prompted.
Step 2 
configure terminal
Example:
Router# configure terminal
Enters global configuration mode.
Step 3 
ip routing
Example:
Router(config)# ip routing
Enables IP routing.
Step 4 
ip route dest-prefix mask next-hop-ip-address [admin-distance] [permanent]
Example:
Router(config)# ip route 192.168.24.0 255.255.255.0 172.28.99.2
Establishes a static route.
Step 5 
ip default-network network-number
or
ip route dest-prefix mask next-hop-ip-address
Example:
Router(config)# ip default-network 192.168.24.0
Example:
Router(config)# ip route 0.0.0.0 0.0.0.0 172.28.99.1
Selects a network as a candidate route for computing the gateway of last resort.
Creates a static route to network 0.0.0.0 0.0.0.0 for computing the gateway of last resort.
Step 6 
end
Example:
Router(config)# end
Returns to privileged EXEC mode.
Step 7 
show ip route
Example:
Router# show ip route
Displays the current routing table information.
Verify that the gateway of last resort is set.

Configuring Fast Ethernet and Gigabit Ethernet Interfaces


DETAILED STEPS


 
Command or Action
Purpose
Step 1 
enable
Example:
Router> enable
Enables privileged EXEC mode.
Enter your password if prompted.
Step 2 
show ip interface brief
Example:
Router# show ip interface brief
Displays a brief status of the interfaces that are configured for IP.
Learn which type of Ethernet interface is on your router: Fast Ethernet or Gigabit Ethernet.
Step 3 
configure terminal
Example:
Router# configure terminal
Enters global configuration mode.
Step 4 
interface {fastethernet | gigabitethernet} 0/port
Example:
Router(config)# interface fastethernet 0/1
Example:
Router(config)# interface gigabitethernet 0/0
Specifies the Ethernet interface and enters interface configuration mode.
Note: For information on interface numbering, see the quick start guide that shipped with your router.
Step 5 
description string
Example:
Router(config-if)# description FE int to 2nd floor south wing
(Optional) Adds a description to an interface configuration.
The description helps you remember what is attached to this interface. The description can be useful for troubleshooting.
Step 6 
ip address ip-address mask
Example:
Router(config-if)# ip address 172.16.74.3 255.255.255.0
Sets a primary IP address for an interface.
Step 7 
no shutdown
Example:
Router(config-if)# no shutdown
Enables an interface.
Step 8 
end
Example:
Router(config-if)# end
Returns to privileged EXEC mode.
Step 9 
show ip interface brief
Example:
Router# show ip interface brief
Displays a brief status of the interfaces that are configured for IP.
Verify that the Ethernet interfaces are up and configured correctly.

Configuring the Console Idle Privileged EXEC Timeout


DETAILED STEPS


 
Command or Action
Purpose
Step 1 
enable
Example:
Router> enable
Enables privileged EXEC mode.
Enter your password if prompted.
Step 2 
configure terminal
Example:
Router# configure terminal
Enters global configuration mode.
Step 3 
line console 0
Example:
Router(config)# line console 0
Configures the console line and starts the line configuration command collection mode.
Step 4 
exec-timeout minutes [seconds]
Example:
Router(config-line)# exec-timeout 0 0
Sets the idle privileged EXEC timeout, which is the interval that the privileged EXEC command interpreter waits until user input is detected.
The example shows how to specify no timeout.
Step 5 
end
Example:
Router(config-line)# end
Returns to privileged EXEC mode.
Step 6 
show running-config
Example:
Router# show running-config
Displays the running configuration file.
Verify that you properly configured the idle privileged EXEC timeout.
Step 7 
exit
Example:
Router# exit
Exits privileged EXEC mode.
Note: For the exec-timeout command to take effect, you must exit from EXEC mode and log in again.

 

Configuring the Enable and Enable Secret Passwords


DETAILED STEPS


 
Command or Action
Purpose
Step 1 
enable
Example:
Router> enable
Enables privileged EXEC mode.
Enter your password if prompted.
Step 2 
configure terminal
Example:
Router# configure terminal
Enters global configuration mode.
Step 3 
enable password password
Example:
Router(config)# enable password pswd2
(Optional) Sets a local password to control access to various privilege levels.
We recommend that you perform this step only if you boot an older image of the Cisco IOS software or if you boot older boot ROMs that do not recognize the enable secret command.
Step 4 
enable secret password
Example:
Router(config)# enable secret greentree
Specifies an additional layer of security over the enable password command.
Do not use the same password that you entered in Step 3.
Step 5 
end
Example:
Router(config)# end
Returns to privileged EXEC mode.
Step 6 
enable
Example:
Router> enable
Enables privileged EXEC mode.
Verify that your new enable or enable secret password works.
Step 7 
end
Example:
Router(config)# end
(Optional) Returns to privileged EXEC mode.

Configuring the Router Hostname


DETAILED STEPS


 
Command or Action
Purpose
Step 1 
enable
Example:
Router> enable
Enables privileged EXEC mode.
Enter your password if prompted.
Step 2 
configure terminal
Example:
Router# configure terminal
Enters global configuration mode.
Step 3 
hostname name
Example:
Router(config)# hostname myrouter
Specifies or modifies the hostname for the network server.
Step 4 
Verify that the router prompt displays your new hostname.
Example:
myrouter(config)#
Step 5 
end
Example:
myrouter# end
(Optional) Returns to privileged EXEC mode.

service password-encryption command

The service password-encryption global configuration command directs the Cisco IOS software to encrypt the passwords, Challenge Handshake Authentication Protocol (CHAP) secrets, and similar data that are saved in its configuration file. Such encryption is useful in order to prevent casual observers from reading passwords, such as when they look at the screen over the shoulder of an administrator. However, the algorithm used by the service password-encryption command is a simple Vigenère cipher.

Commands to use:

enable

conf t

service password-encryption

Use the following link for details:

 http://www.cisco.com/E-Learning/bulk/public/celc/CRS/media/targets/2_1_6.swf


To view the password, use the following link:

http://www.anythingoverip.co.za/tutorials/course-content/snd/decrypting-type-7-passwords-enable-password/

It helps the user decrypt passwords stored with Type 7 encryption.

ROUTER BOOT PROCESS

Configuring Telnet on Router

en

conf t

username ranjeet password ccna

line vty 0 15

login local

exit

int f0/0

ip  add 192.168.0.254 255.255.255.0

no shut

exit



from client

telnet 192.168.0.254

(Note: to log in successfully with Telnet or SSH, you have to set an enable mode password.)

Tuesday, 27 March 2012

SSH Configuration on PT

There are four steps required to enable SSH support on a Cisco IOS router:

    Configure the hostname command.

    Configure the DNS domain.

    Generate the SSH key to be used.

    Enable SSH transport support for the virtual type terminal (vty).

ON ROUTER

hostname router1
username ranjeet password ccna
ip domain-name indiancan.com
crypto key generate rsa
(Key size: 768; works with SSH 1.5 and SSH 2)
ip ssh version 2
line vty 0 4
transport input ssh telnet
login local
exit
int f0/0
ip add 192.168.0.254 255.255.255.0
no shut

ON CLIENT

ssh -l ranjeet 192.168.0.254
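
As an added example (not part of the original posts), the Python script below audits a saved running-config for the weaker settings used in the sections above: enable password and username ... password instead of their secret forms, passwords set directly on lines, exec-timeout 0 0, and Telnet allowed on the vty lines. The sample configuration, its password strings and the audit function are constructed for illustration.

```python
import re

# Constructed running-config built from settings shown on this page;
# the type 7 strings are sample values, not taken from a real device.
SAMPLE_CONFIG = """\
hostname router1
service password-encryption
enable password 7 070C285F4D06
username ranjeet password 7 0822455D0A16
line con 0
 exec-timeout 0 0
line vty 0 4
 password 7 01100F175804
 login
 transport input ssh telnet
"""

# (pattern, scope, finding): scope None means a global command, "line" means
# a subcommand indented under a "line ..." section.
RULES = [
    (r"enable password\b", None, "plaintext or reversible type 7; use enable secret"),
    (r"username \S+ password\b", None, "reversible storage; use username ... secret"),
    (r"password\b", "line", "line password is plaintext or type 7; prefer login local"),
    (r"exec-timeout 0( 0)?$", "line", "idle timeout disabled; unattended session stays open"),
    (r"transport input .*\b(telnet|all)\b", "line", "Telnet allowed; credentials sent in cleartext"),
]

def audit(config_text):
    """Return (section, command, finding) tuples for weak settings in an IOS config."""
    findings, section = [], None
    for raw in config_text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("!"):
            continue  # skip blank lines and "!" separators
        indented = raw[0].isspace()
        cmd = raw.strip()
        if not indented:
            # A new top-level command ends any previous "line" section.
            section = cmd if cmd.startswith("line ") else None
        for pattern, scope, finding in RULES:
            in_scope = (scope is None and not indented) or (
                scope == "line" and indented and section is not None)
            if in_scope and re.match(pattern, cmd):
                findings.append((section or "global", cmd, finding))
    return findings

if __name__ == "__main__":
    for section, cmd, finding in audit(SAMPLE_CONFIG):
        print(f"[{section}] {cmd}: {finding}")
```

A configuration that uses enable secret, username ... secret, login local, transport input ssh and a non-zero exec-timeout produces no findings.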