Friday, 21 June 2013

How to Configure a Serial Cable Connection - ITNetCanada Lesson #2

In this lesson by ITNetCanada, we will be looking at how to configure a serial connection between 2 routers. This is quite a simple lesson but when I got into routers I had no idea what to do, all i did was connect the cables and expect them to work (I was 9).
To get started, here's what you'll need:
- 2 Routers
- Serial Cable

*For both routers to ping each other you will need to configure an IP address. I will be doing so in this example. Unlike the last lesson, I will not have steps. I will simply go through the configuration.

Here is my topology:

As you can see I have made a simple topology consisting of 2 routers connected with a serial cable. I've made IP addresses from the network 192.168.64.32 and I will assign them to the routers for connectivity.

*I assume there is a base configuration on both routers.

Here is the Configuration:

R1>enable
R1#configure terminal
R1(config)#interface serial 0/0    <---- Port
R1(config-if)#no shutdown
R1(config-if)#ip address 192.168.64.33 255.255.255.240
R1(config-if)#clock rate 64000   <-------- R1 has the "DCE" side of the cable attached. A clockrate must be set.

R1 is Set! Now R2.

R2>enable
R2#configure terminal
R2(config)#interface serial 0/0   <---- Port
R2(config-if)#no shutdown
R2(config-if)#ip address 192.168.64.34 255.255.255.240

*No clockrate must be set as R2 has the "DTE" side of the cable.

Now both routers are configured for a serial connection! Both are also ping-able because an ip address was set. Your routers are up and running.

Monday, 17 June 2013

How to Configure a Cisco Router with Base Configurations - ITNetCanada Lesson #1

Materials:
- Router
- One computer
- Console cable (can easily find on ebay)
- Terminal emulation software (Hyper terminal on most windows OS's)

What to do:
- Erase current configuration (if any)
- Put a hostname
- Enable secret password
- Password for console line
- VTY line password and login
- Logging synchronous on the VTY and Console line
- Encrypt all the passwords in the running config with service password-encryption
- MOTD Banner (optional)

*Routing and IP Addresses will not be in the base configuration
*Always skip the initial configuration dialog! It's much easier to configure a router once you learn how to use the CLI (Cisco Command Line), and you have so much more control!

Steps

1. Erase the Configuration

This step is fairly simple. This is what you have to do:

Router>enable
Router#erase startup-config
Erasing the nvram filesystem will remove all configuration files! Continue?  [confirm]   <-----Press enter
*Wait some time*
[OK]
Erase of nvram: complete
Router#reload
Proceed with reload?  [confirm]  <-----Press enter


*Router reloads, router information and copyright gibberish pops up.*

Would you like to enter the initial configuration dialog?  [yes/no]: no

Press RETURN to get started!

Router>

Now you're right back to a router with no configuration! Continue onto the next step for how to configure a hostname.


2. Configure a Hostname

Let's start from where we left off. From here on you can use the TAB key to finish off commands for you. For example, instead of typing enable, you can type en, then press TAB! Just type enough keys to differentiate this command from other commands. I however, will still be showing you the commands in their entirety, to make it a little easier!

Router>enable
Router#configure terminal
Router(config)#hostname _____________   <---- Insert here whatever you would like your router's name to be. In this example I will be using RouterTest.
Router(config)#hostname RouterTest
RouterTest(config)#   <------- As you can see, the router's name has changed! Success!



Congratulations, you've just configured the hostname! Continue onto the next step for how to configure a secret password.

3. Configure an Enable Secret Password

In this step i'll show you how to make your router secure and away from the hands of evil! TIP: To exit out of a configuration mode, type exit (obviously). This command will take you to the last mode you were on (Example: RouterTest(config)#exit ------>  RouterTest#  <--- makes it into privileged mode.) To see all the configuration modes click here: http://www.cisco.com/en/US/docs/ios/12_2/configfun/configuration/guide/fcf019.html#wp1000898

We're going to start from User EXEC Mode.

RouterTest>enable
RouterTest#configure terminal
RouterTest(config)#enable secret _______________  <------ Put here whatever you would like your password for your router to be. In this example I will be using cisco.

RouterTest(config)#enable secret cisco
RouterTest(config)#

And your done! The password has been set and your precious router is secure. Continue onto the next step for how to make a password for your console line!

4. Create a Password for your Console Line

This step will show you how to make a password for your console line! (Just in case you didn't read the title)

RouterTest>enable
RouterTest#configure terminal
RouterTest(config)#line console 0
RouterTest(config-line)password _________  <-------- Insert here the password you would like for your console (If anyone plugs into your router through the console port). For this example, I will use cisco.

*cisco IS THE WORST PASSWORD FOR A CISCO ROUTER. THIS IS JUST AN EXAMPLE.

RouterTest(config-line)password cisco
RouterTest(config-line)

Voila! Password for the console line is set. Now you can sleep without any worries... Continue onto the next step for how to get your VTY lines running (telnet/SSH).

5. Get your telnet running. Set a password and login.

This step is much like the last step, just a few changes. This will be done in the VTY line. This is how it's done:

RouterTest>enable
RouterTest#configure terminal
RouterTest(config)#line vty 0 4
RouterTest(config-line)#login
RouterTest(config-line)#password __________   <------- Insert your desired password. This is the password for when you telnet/SSH to this router. For this example, I will use cisco.

RouterTest(config-line)#password cisco
RouterTest(config-line)#

Fantastic! You've got telnet up and running! Continue onto the next step for how to configure logging synchronous on the VTY and Console lines!

6. Configure logging synchronous on the VTY and Console lines

This step is quick and easy, but it's quite important (in my opinion). When the command is issued it enters the command you were typing on a new line if it was interrupted by a router status message. Here is an example of what would happen if it was not enabled:

RouterTest(config)#interface loopback 
*Jan 1 00:27:55.987: %LINK-5-CHANGED: Interface Loopback99, changed state to administratively down
*Jan 1 00:29:56.987: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback99, changed state to down99

As you can see the command was interrupted by a router status message and continued after the message, not on a new line. This is what it would look like if it was enabled:

RouterTest(config)#interface loopback 
*Jan 1 00:27:55.987: %LINK-5-CHANGED: Interface Loopback99, changed state to administratively down
*Jan 1 00:29:56.987: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback99, changed state to down
RouterTest(config)#interface loopback 99



Now, the command that was interrupted by a router status message has been re-copied onto a new line and continued. Here's how to configure it:

RouterTest>enable
RouterTest#configure terminal
RouterTest(config)#line console 0
RouterTest(config-line)#logging synchronous

*The logging synchronous for the console line has been configured, now the telnet line

RouterTest(config-line)#exit
RouterTest(config)#line vty 0 4
RouterTest(config-line)#logging synchronous

And it's been configured! Continue onto the next step for how to encrypt the passwords in the "show run".

7. Encrypt passwords in the configuration with service password-encryption

This step simply encrypts the passwords in the configuration. Unfortunately it only encrypts it with type 7 encryption, which can be decrypted with websites online. It's main use is for spying eyes to not remember the password (can easily remember the password cisco, but cant remember 095C4F1A0A1218000F).

RouterTest>enable
RouterTest#configure terminal
RouterTest(config)#service password-encryption

Awesome! Finished! Continue onto our last step for how to make a MOTD Banner.

8. How to make a MOTD Banner

This step is optional, but I think it really finishes off your router. At the after start-up it usually says:

Press RETURN to get started!

With the MOTD Banner you can put anything you would like to write (a message like 'welcome') under the 'press return to get started'. Here's how it's done:

RouterTest>enable
RouterTest#configure terminal
RouterTest(config)#banner motd *________________________*   <------ In the underlined space write your message. I'll write welcome.

RouterTest(config)#banner motd *Welcome*
RouterTest(config)#

And your done! This is what it should look like when you start up:


Press RETURN to get started.




Welcome

RouterTest>

Your base configuration is now complete. All 8 steps have been finished! To get your router up and running assign it with an IP address.