Router & Switch Basic Configuration

 Basic Commands

Hostname command

The hostname command is used for configuring device hostname. And it must be entered in global configuration mode of a router or a switch. After typing this command, the prompt will change and display new hostname.

An example that shows you that how to change a hostname of a router.
First, We need to enter the global configuration mode by typing "enable" command in user EXEC mode and configuration terminal commands in privileged EXEC mode. And inside the global configuration mode, type command "hostname R1"

hostname command

No shutdown command

All interfaces on a Cisco router are turned off by default. To enable an interface, And the no shutdown command is use. You first need to enter the sub mode of interface that you want  configure. We can do that by using global configuration mode command interfaces INTERFACE_TYPE/ INTERFACE_NUMBER. We can get lists of available interfaces by typing the ‘?’ character after the interfaces command.

You may noticed that a prompt has changed to reflects the modes you are currently in. For the interfaces modes the HOSTNAME#(config-if) prompt is shows.

Inside the interface mode, you can enable an interface by entering no shutdown command.

no shutdown command

IP address command

IP address command is used for assigning a IP to an interfaces. The syntax of IP address command is "ip address IP_ADDRESS SUBNET_MASK". Such that, if we want to assign an IP address 10.0.0.1 with subnet mask 255.0.0.0 to a interface, So we use the below command:

ip address 10.0.0.1 255.0.0.0

 
What if you made a mistake and written this IP address "ip address 10.0.0.2 255.0.0.0" command instead of above command? SO, you can remove by typing the same command, but this time with the "no" keyword in front of IP address command, in such case no ip address. You can remove command from your IOS configuration by adding the "no" keyword in front of the commands.

ip address command

Setting up passwords

Every Cisco IOS devices has the built-in authentications feature. There are three basic ways to configures authentications on a devices:

  • Configure a password on console port – The console access does not requires a password by default. We can configure a password on console port by using the below sets of commands:

 

HOSTNAME(config) line console 0
HOSTNAME(config-line) password PASSWORD 
HOSTNAME(config-line) login

Now, a user need to type password when trying to the console port.

console password prompt

  • Configure password for accessing telnet – The telnet access is disabled by default. You need to enabled it. This is done using the below sets of commands:

 

HOSTNAME(config) line vty FIRST_VTY LAST_VTY
HOSTNAME(config-line) password PASSWORD
HOSTNAME(config-line) login

The first line command define a range of virtual terminal sessions that like to configure. A virtual session be telnet or SSH session. Cisco devices support 16 VTY sessions. So, this command looks like "line vty 0 15" on a configuration mode.
The login command allow remote access to device. It is required for telnet to work.
telnet password

  • Configure a password for accessing privileged EXEC mode – The privileged EXEC mode we can enter the global configurations mode and changed the configurations of a device. SO, it is important to secure an unauthorized access or user from entering global configuration mode. We can do the can do that by adding the enable password to enter the privileged EXEC mode. This can be done with two below ways:

 

HOSTNAME(config) enable password PASSWORD
HOSTNAME(config) enable secret PASSWORD

Both of the above commands adept the same things, but with one difference. The enable password secret PASSWORD command encrypts the passwords, while the enable password PASSWORD command does not, which means that unauthorized users could just read a password from the device configurations:

enable password command

Note that how the password is visible in the device configuration.

Service password-encryption command

Password configureds using the enable password commands and passwords for the console or telnet access are stored in clear text or human readable form  in the configuration file by default. which present the security risk because attacker could easily find out password. And the global configuration command service password-encryption command encrypts all passwords.

It's important to note this type of password encryption is not considered for especially secure, since the algorithm used can be easily cracked this password. Cisco recommends using this command only with an additional security measures.

Configurations of banners

You display a banner on Cisco devices. A banner is usually shows you before the login . It's some text that appears on the screen when a user connect to device.

The most commonly use banner is Message Of The Day (MOTD) banners. this is shown before the login prompt to each user that is trying to create a session with the devices. The below global configuration commands is used to configure a MOTD banners:

hostname(config) banner motd DELIMITING_CHARACTER TEXT DELIMITING_CHARACTER

A delimiting characters is a characters of your choices. Its purpose is that to signify the start and end of a text that will show in the banner. Such that, command banner motd # Unauthorized access forbidden! # will show the text: Unauthorize access forbidden..

banner motd

Show version command

The show version command is used for displaying information about devices. The command can be enter in both the user EXEC mode and privileged EXEC mode. with the help of this command we can find out many useful information's about your device,

  • Software's Version – IOS software's versions.
  • System up-time – time since last reboot.
  • Software image – IOS filename which is stored in flash memory.
  • Hardware Interfaces.
  • Configuration Registers value – bootup specification, console speed, etc.
  • RAM memory – amount of RAM memory
  • NVRAM memory
  • Flash memory

 

The below example shows you output of the command:

show version command

Show history command

By default, 10 last command you entered in your current EXEC session. We can use the show history command on the user EXEC or privileged EXEC mode to display.

show history command

We set a number of commands saved in the buffer memory for the current terminal session with help of the terminal history size NUMBER commands from the user EXEC mode or privilege EXEC mode.

NOTE
We have another way to recall commands from the history buffer with using the up arrow key on your keyboard. Most recent commands is recalled first


Show running-configuration and show startup-configuration command:

After you changed the configurations of devices you verify its configuration. To display current configurations, type show running-configuration on the privileged EXEC mode. This command shows the configurations of that is stored in a device’s RAM.

show running config

After you stored your running configurations into startup configuration, you can view the save configurations by using show startup-config command on the privileged EXEC mode.

This shows you the  configuration that is currently store in device’s NVRAM. This configuration will be loaded on next time the device is restart.

show startup config

Ravi

Posted by Ravi

Post a Comment

0 Comments