
Configuring Network Devices

Working at a Small-to-Medium Business or ISP Chapter 5

Version 4.1

Objectives
- Configure a router with an initial configuration.
- Use Cisco SDM to configure a Cisco ISR with LAN connectivity, Internet connectivity and NAT.
- Configure a Cisco router for LAN connectivity, Internet connectivity and NAT using the Cisco IOS CLI.
- Configure a WAN connection from customer premises to an ISP.
- Describe, set up and configure a standalone LAN switch.

ISR (Integrated Services Router) combines routing, LAN switching, security, voice, & WAN connectivity features. Ideal for small to medium-sized businesses & ISP-managed customers.

Initial ISR Router Configuration



- Cisco IOS is offered in modules called images
- IP Base image: entry-level Cisco IOS
- Images are specific to models of devices

Cisco 1841 Modular router


Table 1 Memory Requirements for Cisco 1841 Modular Router

Platform    Feature Set                   Image                      Flash Memory  RAM Memory
Cisco 1841  IP Base                       c1841-ipbase-mz            64 MB         128 MB
Cisco 1841  IP Voice                      c1841-ipvoice-mz           64 MB         192 MB
Cisco 1841  Enterprise Base               c1841-entbase-mz           32 MB         128 MB
Cisco 1841  Advanced Security             c1841-advsecurityk9-mz     64 MB         192 MB
Cisco 1841  SP Services                   c1841-spservicesk9-mz      64 MB         192 MB
Cisco 1841  Enterprise Services           c1841-entservicesk9-mz     64 MB         192 MB
Cisco 1841  Advanced IP Services          c1841-advipservicesk9-mz   64 MB         192 MB
Cisco 1841  Advanced Enterprise Services  c1841-adventerprisek9-mz   64 MB         192 MB

CISCO IOS Image: Types of Images


Two main types of image your router may use:
1. System image: complete Cisco IOS software. This image is loaded when your router boots and is used most of the time. On most platforms, the image is located in Flash memory.
2. Boot image: a subset of the Cisco IOS software. This image is used to perform network booting or to load Cisco IOS images onto the router. This image is also used if the router cannot find a valid system image. Depending on your platform, this image may be called xboot image, rxboot image, bootstrap image, or boot loader/helper image.

On some platforms, the boot image is contained in ROM. In others, the boot image can be stored in Flash memory. On these platforms, you can specify which image should be used as the boot image using the boot bootldr global configuration command. Refer to your hardware documentation for information about the boot image used on your router.

Image Naming Convention


You can identify the platform, features and image location by the image name.
Naming convention is: platform-features-type
Example: c2600-js-l_121-3.bin
  c2600  hardware platform
  js     feature set (enterprise)
  l      file format (relocatable, not compressed)
  121-3  version & release # (version 12.1 release 3)

Image Naming Convention - continued


- Platform: the platform that can use the image, for example c1700, c2600, c7000
- Features: feature sets supported by the image
- Type: can contain the following characters:
    f  The image runs from Flash memory.
    m  The image runs from RAM.
    r  The image runs from ROM.
    l  The image is relocatable.
    z  The image is zip compressed.
    x  The image is mzip compressed.

Initial ISR Router Configuration


Tools and equipment required for setup:

Initial ISR Router Configuration

Three-stage bootup process:
1. Power-on self test (POST)
2. Locate and load Cisco IOS
3. Locate startup configuration file or enter setup mode

Bootup Process - contd


- POST (Power On Self Test) tests the hardware
- After POST, the bootstrap program is loaded
- Bootstrap locates IOS and loads it into RAM
- IOS can be located in flash memory, on a TFTP server, or in another location
- By default, IOS loads from flash
- After IOS is loaded, bootstrap locates the startup configuration file in NVRAM (non-volatile random access memory)
- When the startup configuration is loaded into RAM (working memory), it becomes the running configuration.

Loading Cisco IOS


1. Get default IOS from Flash
2. If Flash is empty: get IOS from TFTP server
3. If TFTP server is empty: get limited Cisco IOS from ROM

Show version command output

Router>show version

The output shows:
- IOS version
- Bootstrap program stored in ROM
- Complete filename of IOS
- Type of CPU; amount of RAM
- Number & type of interfaces
- Amount of NVRAM (used to store startup config)
- Amount of Flash (used to store IOS)
- Configuration register in hex

Configuration register
Default setting 0x2102 (remember this?)
- Loads IOS from flash
- Loads startup-config from NVRAM

Most common settings
- 0x2142: ignores contents of NVRAM/configuration
- 0x2120: boots the router into ROMmon mode

http://www.cisco.com/en/US/products/hw/routers/ps133/products_tech_note09186a008022493f.shtml
Go to "Configuration Register Values & Their Meaning".
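An added example, not from the original slides: a check over show version output that decodes the register values above and also reads the pending value IOS prints when the register has been changed but the router has not yet reloaded. The bit positions (boot field in bits 0-3, ignore-NVRAM in bit 6) follow Cisco's configuration register documentation linked above; the sample output and function names are constructed.

```python
import re

IGNORE_NVRAM = 0x0040   # bit 6: skip startup-config in NVRAM at boot
BOOT_FIELD = 0x000F     # bits 0-3: where the bootstrap looks for IOS

# Matches the configuration register line at the end of `show version`.
CONFREG_RE = re.compile(
    r"Configuration register is (0x[0-9A-Fa-f]+)"
    r"(?: \(will be (0x[0-9A-Fa-f]+) at next reload\))?"
)


def decode_confreg(value):
    """Return findings for one register value; an empty list is default-like."""
    findings = []
    if value & IGNORE_NVRAM:
        findings.append("ignores startup-config in NVRAM")
    if (value & BOOT_FIELD) == 0:
        findings.append("boots into ROMmon")
    return findings


def audit_show_version(text):
    """Check the current and pending register values in `show version` output."""
    m = CONFREG_RE.search(text)
    if m is None:
        return {"error": "no configuration register line found"}
    report = {}
    for label, raw in (("current", m.group(1)), ("next_reload", m.group(2))):
        if raw is not None:
            report[label] = {"value": raw.lower(),
                             "findings": decode_confreg(int(raw, 16))}
    return report


# Constructed sample: tail of `show version` on a router whose register was
# changed but which has not been reloaded yet.
SAMPLE = """\
191K bytes of NVRAM.
62720K bytes of ATA CompactFlash (Read/Write)

Configuration register is 0x2102 (will be 0x2142 at next reload)
"""

if __name__ == "__main__":
    print(audit_show_version(SAMPLE))
```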

Initial ISR Router Configuration


Verifying and troubleshooting the bootup process:
- View output from the show version command
- Use dir flash: and boot flash: in ROMmon mode
- View boot system commands


Initial ISR Router Configuration


(continued)

- Out-of-band management: used for initial configuration (terminal emulation)
- In-band management: over a network connection (HTTP or Telnet)

Initial ISR Router Configuration


(continued)

Command Line Interface (CLI):
- Text-based program
- Can be used both in-band and out-of-band
- Extensive help system

Initial ISR Router Configuration


(continued)

SDM
Security Device Manager (SDM):
- Web-based GUI
- In-band only
- SDM Express (basic) or full package (advanced configuration)
- Comes preinstalled in flash

CLI vs. SDM

                                   CLI                                  SDM
User Interface                     Terminal emulation software, Telnet  Web-based browser
Configuration Method               Text-based Cisco commands            GUI buttons & text boxes
Expertise in Cisco Device Config.  Depends on the config task           Do not need knowledge of CLI commands
Help Features                      Command-prompt based                 GUI-based online help & tutorials
Flash Requirements                 Covered by IOS requirements          6 MB of free memory
Availability                       ALL Cisco devices                    Cisco 830 series thru Cisco 7301
When It's Used                     When device does not support SDM     Initial config of SDM-equipped device

Using Cisco SDM Express and SDM


Follow best practices for installing a new device to ensure correct functions

Using Cisco SDM Express and SDM


Eight SDM Express configuration screens:

- Overview
- Basic configuration
- LAN IP address
- DHCP
- Internet (WAN)
- Firewall
- Security settings
- Summary

Using Cisco SDM Express and SDM


Use Basic NAT Wizard to configure dynamic NAT with PAT

Configuring a Router Using IOS CLI


CLI command modes: two levels of access

Configuring a Router Using IOS CLI


Configuration modes can alter the operation of the device

Configuring a Router Using IOS CLI


Help features:
- Command completion
- Error indicators
- Command history: enabled by default; records 10 commands; maximum 256 commands; size set with the history size command
- Arrow and function keys

Configuring a Router Using IOS CLI


Show commands display configuration and operation information
R#show run
R#show interfaces
R#show ip route
R#show protocols

Configuring a Router Using IOS CLI


Use Cisco IOS CLI to perform an initial router configuration

Configuring a Router Using IOS CLI


Configure serial and Ethernet interfaces on a router

- DTE (Data Terminal Equipment): endpoint of the user's device on the WAN link; Cisco routers
- DCE (Data Communications Equipment): provides clock rate; modem; converts data from the router to an acceptable format to cross the WAN
- In a back-to-back router scenario, one of the routers will be DCE and one DTE.

Configuring a Router Using IOS CLI


Configure a default route for the Cisco router
- The default route is used when the router does not know where to send a packet.
- It points to the IP address of the next-hop router, or to a port number

Configuring a Router Using IOS CLI


Configure a Cisco router to function as a DHCP server

Configuring a Router Using IOS CLI


Configure static NAT on a Cisco router to enable Internet access for an internal server

Configuring a Router Using IOS CLI


Back up and restore configuration files using a TFTP server

Configuring a Router Using IOS CLI


Capture and save configuration file output from a terminal session

Connecting the CPE to the ISP


- Customer Premise Equipment (CPE): network devices installed at the customer location.
- Configuration checklists ensure that all configuration requirements are met

Connecting the CPE to the ISP


Use inventory and configuration checklists and an installation plan to ensure successful installation

Connecting the CPE to the ISP


Documentation includes diagrams, checklists, and activity logs

Connecting the CPE to the ISP


Types of customer connections over a WAN:
- Point-to-point: often called leased lines; typically most expensive; price based on bandwidth & distance between 2 points
- Circuit-switched: similar to a phone call made over a phone network; example is ISDN or dialup connection; physical circuit reserved from source to destination
- Packet-switched: each customer has a virtual circuit; example is Frame Relay

Customer Connections over WAN


Bandwidth and cost influence WAN choices

Connecting the CPE to the ISP


- Clock rate and serial encapsulation are needed when configuring serial WAN connections
- Clock rate is set by the DCE; the DTE accepts the clock rate
- Leased WAN connections use a serial connection & require a Channel Service Unit/Data Service Unit (CSU/DSU)


Initial Cisco 2960 Switch Configuration

- Fixed-configuration, standalone device; does not use modules or flash card slots
- Physical configuration can't be changed
- Layer 2 device that directs the stream of messages coming in from one port out of another, based on destination MAC address
- Configured using GUI or CLI

Cisco 2960 switch


- Comes preconfigured
- Needs to be assigned basic security info
- Basic commands (ex: hostname, passwords) are the same as on the ISR
- Configure management IP address
- One virtual local area network, VLAN 1, is preconfigured to provide access to management functions.

Initial Cisco 2960 Switch Configuration


- Switch settings can be configured using the Cisco IOS CLI
- Assign an IP address to the default management virtual local area network, VLAN 1

Initial Cisco 2960 Switch Configuration


- Check switch components
- Connect cables to the switch
- Power up the switch and observe POST

Initial Cisco 2960 Switch Configuration


- Connect the stand-alone LAN switch to the router and verify connectivity
- Configure port security to prevent unauthorized use
- Shut down unused ports

Switch port security


- Port security limits the # of MAC addresses allowed per port.
- Set the port to access mode using the switchport mode access command
- 3 ways to configure port security: static, dynamic, sticky

Static: MAC addresses are manually assigned using the switchport port-security mac-address [mac-address] interface config command. Port security itself is enabled on the interface with switchport port-security.

S1# configure terminal
S1(config)#interface fastethernet 0/20
S1(config-if)#switchport mode access
S1(config-if)#switchport port-security
S1(config-if)#switchport port-security mac-address 1000.2000.3000
S1(config-if)#end

Switch port - contd


Dynamic: MAC addresses are dynamically learned & stored in the address table.
- # of addresses stored can be controlled; default is one address.
- If the port is shut down or the switch is restarted, the addresses learned are cleared from the table

S1# configure terminal
S1(config)#interface fastethernet 0/20
S1(config-if)#switchport mode access
S1(config-if)#switchport port-security
S1(config-if)#end

Switch port - contd


Sticky: similar to dynamic
- Addresses learned are saved to the running-config

S1# configure terminal
S1(config)#interface fastethernet 0/20
S1(config-if)#switchport mode access
S1(config-if)#switchport port-security
S1(config-if)#switchport port-security maximum 50
S1(config-if)#switchport port-security mac-address sticky
S1(config-if)#end
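An added example, not from the original slides: an audit of a switch running-config that reports, per port, whether it is shut down, which of the three port-security modes is in effect, or what is missing. The sample configuration and function names are constructed; FastEthernet0/2 carries a static address but never turns the feature on with switchport port-security, so it is reported as unprotected.

```python
# Constructed running-config excerpt (sample input, not from the slides).
SAMPLE_CONFIG = """\
interface FastEthernet0/1
 switchport mode access
 switchport port-security
 switchport port-security maximum 50
 switchport port-security mac-address sticky
!
interface FastEthernet0/2
 switchport mode access
 switchport port-security mac-address 1000.2000.3000
!
interface FastEthernet0/4
 shutdown
!
interface Vlan1
 ip address 192.168.1.2 255.255.255.0
"""
PREFIX = "switchport port-security"

def parse_interfaces(config):
    """Map each interface name to the commands in its stanza."""
    stanzas, current = {}, None
    for line in config.splitlines():
        if line.startswith("interface "):
            current = stanzas.setdefault(line.split(None, 1)[1].strip(), [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # "!" or a global command ends the stanza
    return stanzas

def audit_port_security(config):
    """Return {port: finding} for physical ports; 'ok' means nothing to fix."""
    report = {}
    for name, cmds in parse_interfaces(config).items():
        if name.lower().startswith("vlan"):
            continue  # management VLAN interface, not a physical port
        if "shutdown" in cmds:
            report[name] = "ok: shut down"
        elif "switchport mode access" not in cmds:
            report[name] = "not in access mode"
        elif PREFIX not in cmds:
            report[name] = "port security not enabled"
        else:
            sticky = PREFIX + " mac-address sticky" in cmds
            static = any(c.startswith(PREFIX + " mac-address ") for c in cmds)
            kind = "sticky" if sticky else "static" if static else "dynamic"
            report[name] = "ok: " + kind
    return report
```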

Initial Cisco 2960 Switch Configuration


- Cisco Discovery Protocol (CDP) gathers information about directly connected Cisco network devices
- Two Cisco devices directly connected on the same local network are called neighbors

Summary
The Integrated Services Router (ISR) is a good choice for small to medium businesses and ISP-managed customers. ISRs can be initially configured using SDM or the router IOS CLI. When using the CLI, show commands verify configuration elements. An installation plan can minimize disruption to a network when new devices are being added.