Basic Router Configuration

One of the things you do first when setting up a Cisco router in lab environments and production environments is basic router configuration. By having a good understanding of basic router configuration you will have the essential building blocks and be able to apply additional knowledge upon router configuration. This tutorial is assuming that  you are in a lab environment, additional security measures for production environments are recommended and are not discussed in this tutorial. Also this tutorial is assuming a terminal emulator session is on and ready. (Hyper-Terminal, Putty, etc) .

 The first thing you should always do when first configuring a router is erase the startup configuration. This assures us that anything that might have been saved or loaded is gone and won’t affect are configurations. First make sure you are in privileged EXEC mode on the router by typing enable:

Router>enable
Router#

The # symbol tells us that we are in privileged EXEC mode.

Then in privileged EXEC mode issue the command erase startup-config. The router will give you a warning and tell you to that you are about to erase the NVRAM hit enter. If you are prompted to save changes type no (If you typed yes than it will save the running-config to the startup-config and that defeats the purpose of erasing the startup-config file.)

Router#erase startup-config
Erasing the nvram filesystem will remove all files! Continue? [confirm]
[OK]
Erase of nvram: complete
Router#

When the prompt returns to Router# issue the reload command. If prompted to save changes type no and hit enter. The router will now reload and be ready to configure. When the router finishes loading make sure you type no for the auto-install.

Would you like to enter the initial configuration dialog? [yes/no]: no
Would you like to terminate autoinstall? [yes]:
Press Enter to accept default.
Press RETURN to get started!

Enter privileged EXEC mode then type configure terminal:

Router>enable
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#

To configure the router name enter the hostname command followed by the name or letters you want the router to be called (for this example I picked R1):

Router(config)#hostname R1
R1(config)#

Disable DNS Lookup with the no ip domain-lookup command:

R1(config)#no ip domain-lookup
R1(config)#

Configure an EXEC mode password, by using the enable secret [password] The word secret provides better security by storing the password in a non-reversible cryptographic function in MD5 hash. (For this example the password we will be allknowing)

R1(config)#enable secret allknowing
R1(config)#

Configure the message-of-the-day banner using the command banner motd. You can use any message, but make it aware that only authorized personal can enter the router. (For this example I typed this up)

R1(config)#banner motd
Enter TEXT message. End with the character '&'.
 ********************************
   !!!AUTHORIZED ACCESS ONLY!!!
 ********************************
&
R1(config)#

Configure the console password on the router (Make sure you are still in privileged EXEC mode) and type line console 0 for the password. It’s encouraged to use a different password than the enable secret (for this example I’ll use knowingall) type login to allow password checking. This password will be placed at the console line.

R1(config)#line console 0
R1(config-line)#password knowingall
R1(config-line)#login
R1(config-line)#exit
R1(config)#

Configure the password for the virtual terminal lines, again make sure you are in privileged EXEC mode and type line vty 0 4. The password should be a different as well. The VTY lines are used to remote into the router it can be an insecure method and can send passwords and commands in plain text if not properly setup. If you will never use VTY lines then you can just type login first and then exit without typing a password. That will make it so you can’t connect to the router remotely. (For this example however we are using VTY Lines and the password will be knowing)

R1(config)#line vty 0 4
R1(config-line)#password knowing
R1(config-line)#login
R1(config-line)#exit
R1(config)#

The next and final command is optional but is a helpful one, if you don’t want those random messages popping up while you are typing. The command is called logging synchronous and is issued in the line configuration mode for the console port. (Make sure you are in privileged EXEC mode and type line console 0 hit enter and type logging synchronous.

R1(config)#line console 0
R1(config-line)#logging synchronous
R1(config-line)#exit
R1(config)#

That’s it! This basic router configuration is on every Cisco Lab so you will end up being able to do this in your sleep! One final thing that I forgot to mention, and a lot of people forget to do when they are stuck or can’t remember that command is to use that question mark. Which can be entered at the prompt or at a command to display a list of available commands and parameters. This is helpful because the router will give you a brief summary of what that command will do. If you use the question mark it will become your best friend! (for example issuing the question mark at privileged EXEC mode gives me a list of all of the commands I can use and more available if I hit the space bar).

Router#?
Exec commands:
  <1-99>      Session number to resume
  auto        Exec level Automation
  clear       Reset functions
  clock       Manage the system clock
  configure   Enter configuration mode
  connect     Open a terminal connection
  copy        Copy from one file to another
  debug       Debugging functions (see also 'undebug')
  delete      Delete a file
  dir         List files on a filesystem
  disable     Turn off privileged commands
  disconnect  Disconnect an existing network connection
  enable      Turn on privileged commands
  erase       Erase a filesystem
  exit        Exit from the EXEC
  logout      Exit from the EXEC
  mkdir Create new directory
  more        Display the contents of a file
  no Disable debugging informations
  ping        Send echo messages
  reload      Halt and perform a cold restart
 --More-- 

I can then go further (if needed) into a command and hit the question mark. (For example if I type the copy command followed by a space and a question mark I get the following output). You can use this method and every command no matter how long or short the command is.

Router#copy ?
  flash:          Copy from flash: file system
  ftp:            Copy from ftp: file system
  running-config  Copy from current system configuration
  startup-config  Copy from startup configuration
  tftp:           Copy from tftp: file system 

Knowing every command in a router is not needed, instead I would know your way around it and use the available help tools built into the software.

Hope this tutorial was helpful.

Advertisements