Professional Documents
Culture Documents
Baessa K.
Mettu University
Faculty of Engineering and Technology
Department of Information Technology
2 Basic Configuration
Configuring Cisco IOS Software
Router and Switch Administrative Configurations
Viewing, Saving, and Erasing Configurations
Outline
2 Basic Configuration
Configuring Cisco IOS Software
Router and Switch Administrative Configurations
Viewing, Saving, and Erasing Configurations
Overview
Outline
2 Basic Configuration
Configuring Cisco IOS Software
Router and Switch Administrative Configurations
Viewing, Saving, and Erasing Configurations
Outline
2 Basic Configuration
Configuring Cisco IOS Software
Router and Switch Administrative Configurations
Viewing, Saving, and Erasing Configurations
• Configuration mode is another mode for the Cisco CLI, similar to user
mode and privileged mode.
• User mode lets you issue non-disruptive commands and displays some
information.
• Privileged mode supports a superset of commands compared to user
mode, including commands that might harm the switch.
• However, none of the commands in user or privileged mode changes
the switch’s configuration.
• Configuration mode accepts configuration commands
• . . . commands that tell the switch the details of what to do, and how to
do it.
Outline
2 Basic Configuration
Configuring Cisco IOS Software
Router and Switch Administrative Configurations
Viewing, Saving, and Erasing Configurations
Hostnames
Hostnames
Hostnames . . .
Banners
Banners . . .
Banners . . .
Setting Passwords
Setting Passwords
Setting Passwords
Setting Passwords
• Since there’s only one console port, I can only choose line console 0.
• There are a few other important commands to know for the console
port.
• the exec-timeout 0 0 command sets the time-out for the console EXEC
session to zero, which basically means to never time out.
• The default time-out is 10 minutes
• You set the enable passwords from global configuration mode like this:
Telnet Password
Telnet Password . . .
• You need to have VTY passwords set on the routers for this to work.
• To set the user-mode password for Telnet access into the router, use
the line vty command.
• vty lines allow access to a Cisco device via Telnet
• number of vty lines supported varies with the type of device and the
IOS version
• Routers that aren’t running the Enterprise edition of the Cisco IOS
default to five VTY lines, 0 through 4.
• But if you have the Enterprise edition, you’ll have significantly more.
• The best way to find out how many lines you have is to use that
question mark:
Telnet Password . . .
1 R1 # config t
2 Enter configuration commands , one per line .
3 R1 ( config ) # line vty 0 ?
4 <1 -15 > Last Line number
5 <cr >
6 R1 ( config ) # line vty 0 4
7 R1 ( config - line ) # password telnet
8 R1 ( config - line ) # login
9 R1 ( config - line ) #^ Z
10 R1 ( config ) #
Telnet Password . . .
• Instead of Telnet, you can use Secure Shell, which creates a more
secure session than the Telnet application that uses an unencrypted
data stream.
• Secure Shell (SSH) is a protocol that provides a secure (encrypted)
command-line based connection to a remote device
• SSH is commonly used in UNIX-based systems
• Cisco IOS also supports SSH
• A version of the IOS software including cryptographic (encrypted)
features an capabilities is required in order to enable SSH on Catalyst
2960 switches
• Because its strong encryption features, SSH should replace Telnet for
management connections
• SSH uses TCP port 22 by default. Telnet uses TCP port 23
• SSh Operation
1 Set your hostname:
1 Router ( config ) # hostname R1
2 Set the domain name (both the hostname and domain name are
required for the encryption keys to be generated):
3 Set your hostname:
• service password-encryption
• prevents passwords from showing up as plain text when viewing the
configuration
• purpose of this command is to keep unauthorized individuals from
viewing passwords in the configuration file
• once applied, removing the encryption service does not reverse the
encryption
Outline
2 Basic Configuration
Configuring Cisco IOS Software
Router and Switch Administrative Configurations
Viewing, Saving, and Erasing Configurations
Configuration Files I
running-config vs startup-config
• You can manually save the file from DRAM to NVRAM by using the
copy running-config startup-config command (you can use the
shortcut copy run start also):
1 R1 # copy running - config startup - config
• Also, when the command asked for the destination filename, the
default answer was startup-config.
• You can view the files by typing show running-config or show
startup-config from privileged mode.
• The sh run command, which is a a shortcut for show running-config,
tells us that we are viewing the current configuration:
1 S1 # show running - config
Configuration Files II
running-config vs startup-config . . .
• show startup-config command
• shows us the configuration that will be used the next time the router is
reloaded.
• It also tells us how much NVRAM is being used to store the
startup-config file
1 S1 # show startup - config
1 Switch # reload
2 System configuration has been modified . Save ?[ yes / no ]: n
3 Proceed with reload ? [ confirm ]
Active Configuration
• show running-config
• show startup-config
1 Router # sh int f0 /0
2 FastEthernet0 /0 is up , line protocol is up
3 Hardware is MV96340 Ethernet , address is 001 a .2 f55 . c9e8
( bia 001 a .2 f55 . c9e8 )
4 Internet address is 192.168.1.33/27
5 MTU 1500 bytes , BW 100000 Kbit , DLY 100 usec ,
reliability 255/255 , txload 1/255 , rxload 1/255
6 .....
7 Router #
• Notice that serial 0/0 has a DTE cable, whereas the serial 0/1
connection has a DCE cable.
• Serial 0/1 would have to provide clocking with the clock rate
command.
• Serial 0/0 would get its clocking from the DSU.