Professional Documents
Culture Documents
CCNA Complete Introduction
CCNA Complete Introduction
Presented By
Mark Tinka (Uganda)
Security (passwords)
Running configuration
In RAM, determines how the router is currently operating
Is modified using the configure command
To see it: show running-config
Startup confguration
In NVRAM, determines how the router will operate after
next reload
Is modified using the copy command
To see it: show startup-config
.1 .2
A B
81.199.108.80/28 81.199.108.96/28
.3 .4
C D
81.199.108.0/28
81.199.108.112/28 81.199.108.128/28
.5 .6
E F
81.199.108.144/28 81.199.108.160/28
.7 .8
G H
81.199.108.176/28 81.199.108.192/28
.9 .10
I J
81.199.108.208/28 81.199.108.224/28
Cisco Router Configuration AfNOG 2003 / Track 2 # 15
New Router Configuration Process
Router#configure terminal
Router#(config)hostname RouterA
RouterA#(config)line console 0
RouterA#(config-line)password cisco
RouterA#(config-line)login
Cisco Router Configuration AfNOG 2003 / Track 2 # 16
New Router Configuration Process
Configure interfaces
RouterA#(config)interface ethernet 0/0
RouterA#(config-if)no shutdown
Router(config-router) – router
configuration
prompt
Interface:
interface ethernet0/0
ip address n.n.n.n m.m.m.m
Router:
router ospf 1
network n.n.n.n w.w.w.w area 0
Line:
line vty 0 4
hostname track2-afnog
enable-password track2
service password-encryption
ip classless
ip name-server n.n.n.n
no ip domain-lookup
router ospf 1
no router ospf 1
no ip address
Description
router(config-if)#description ethernet
link to admin building router
ip classless
ip subnet-zero
no ip domain-lookup
no shutdown
no ip proxy-arp
no ip redirects
Cisco Router Configuration AfNOG 2003 / Track 2 # 28
Looking At The Configuration
router#configure term
router(config)#ip classless
router(config)#ip subnet-zero
router(config)#int e0/1
router(config-if)#ip addr n.n.n.n m.m.m.m
router(config-if)#no shut
router(config-if)#^Z
router#?
router#show ?
router#show ip ?
router#con?
configure connect
This is different:
hostel-rtr#conf ?
memory Configure from NVRAM
network Configure from a TFTP network host
overwrite-network Overwrite NV memory from TFTP...
network host
terminal Configure from the terminal
<cr>
router(config)#ip a?
accounting-list accounting-threshold
accounting-transits address-pool alias
as-path
router(config)#int e0/0
router(config-if)#ip a?
access-group accounting address
Line editing
left-arrow, right-arrow moves cursor inside command
Router#erase startup-config
OR
Router#write erase
Router#reload
Are used with the host/network address to tell the router a range
of addresses to filter
Examples:
– to specify a host:
81.199.108.1 0.0.0.0
– to specify a small subnet:
81.199.108.8 – 81.199.108.15 (would be
a /29)
Examples cont’d:
81.199.108.0 0.0.0.255
81.199.108.0 0.0.3.255
Cisco Router Configuration AfNOG 2003 / Track 2 # 49
Access Control List Example
Router(config)#Access-list access-list-number {permit|deny}{test
conditions}
line vty 0 4
access-class 1 in
81.199.108.1 81.199.108.81
Non 81.199.108.0
E0 S0 E1 81.199.108.82
Interface ethernet 0
ip access-group 1 out
interface ethernet 1
ip access-group 1 out
81.199.108.10 81.199.108.225
Non 81.199.108.0
E0 S0 E1 81.199.108.226
Are more scalable and flexible than access control lists and
distribute lists
Unlike access control lists, you don’t have to delete the entire
access list when adding or deleting entries
config t
ip prefix-list list-name {seq seq-value}
{permit|deny} network/len {ge ge-value}
{le le-value}
– <Enter>, then ~# OR
– Ctrl-], then Break or Ctrl-C
– Ctrl-A F
Router>enable
Router#conf m or copy start run (only!!!)
Router#show running or write terminal
Router#conf t
Router(config)enable secret forgotten
Router(config)int e0/0…
Router(config-if)no shut
Router(config)config-register 0x2102
Router(config)Ctrl-Z or end
Router#copy run start or write memory
Router#reload
Cisco Router Configuration AfNOG 2003 / Track 2 # 67
Using TFTP To Manage Your Router’s
Software
Enable TFTP on your FreeBSD machine:
#vi /etc/inetd.conf
(uncomment the #tftp line)
#killall –HUP inetd
(restart INETD and load TFTPD)
#netstat –an
(check to see TFTP port is bound)
#touch /tftpboot/cisco-router
(create the router data for TFTP)
#chmod 666 /tftp/cisco-router
(make the data file world writeable)