Basic Router Configuration

Share on:

One of the things you do first when setting up a Cisco router in lab environments and production environments is basic router configuration. By having a good understanding of basic router configuration you will have the essential building blocks and be able to apply additional knowledge upon router configuration. This tutorial is assuming that  you are in a lab environment, additional security measures for production environments are recommended and are not discussed in this tutorial. Also this tutorial is assuming a terminal emulator session is on and ready. (Hyper-Terminal, Putty, etc).

The first thing you should always do when first configuring a router is erase the startup configuration. This assures us that anything that might have been saved or loaded is gone and won't affect are configurations. First make sure you are in privileged EXEC mode on the router by typing enable:

1Router>enable
2Router#

The # symbol tells us that we are in privileged EXEC mode.

Then in privileged EXEC mode issue the command erase startup-config. The router will give you a warning and tell you to that you are about to erase the NVRAM hit enter. If you are prompted to save changes type no (If you typed yes than it will save the running-config to the startup-config and that defeats the purpose of erasing the startup-config file.)

1Router#erase startup-config
2Erasing the nvram filesystem will remove all files! Continue? [confirm]
3[OK]
4Erase of nvram: complete
5Router#

When the prompt returns to Router# issue the reload command. If prompted to save changes type no and hit enter. The router will now reload and be ready to configure. When the router finishes loading make sure you type no for the auto-install.

1Would you like to enter the initial configuration dialog? [yes/no]: no
2Would you like to terminate autoinstall? [yes]:
3Press Enter to accept default.
4Press RETURN to get started!

Enter privileged EXEC mode then type configure terminal:

1Router>enable
2Router#configure terminal
3Enter configuration commands, one per line. End with CNTL/Z.
4Router(config)#

To configure the router name enter the hostname command followed by the name or letters you want the router to be called (for this example I picked R1):

1Router(config)#hostname R1
2R1(config)#

Disable DNS Lookup with the no ip domain-lookup command:

1R1(config)#no ip domain-lookup
2R1(config)#

Configure an EXEC mode password, by using the enable secret [password] The word secret provides better security by storing the password in a non-reversible cryptographic function in MD5 hash. (For this example the password we will be allknowing)

1R1(config)#enable secret allknowing
2R1(config)#

Configure the message-of-the-day banner using the command banner motd. You can use any message, but make it aware that only authorized personal can enter the router. (For this example I typed this up)

1R1(config)#banner motd
2Enter TEXT message. End with the character '&'.
3 ********************************
4   !!!AUTHORIZED ACCESS ONLY!!!
5 ********************************
6&
7R1(config)#

Configure the console password on the router (Make sure you are still in privileged EXEC mode) and type line console 0 for the password. It's encouraged to use a different password than the enable secret (for this example I'll use knowingall) type login to allow password checking. This password will be placed at the console line.

1R1(config)#line console 0
2R1(config-line)#password knowingall
3R1(config-line)#login
4R1(config-line)#exit
5R1(config)#

Configure the password for the virtual terminal lines, again make sure you are in privileged EXEC mode and type line vty 0 4. The password should be a different as well. The VTY lines are used to remote into the router it can be an insecure method and can send passwords and commands in plain text if not properly setup. If you will never use VTY lines then you can just type login first and then exit without typing a password. That will make it so you can't connect to the router remotely. (For this example however we are using VTY Lines and the password will be knowing)

1R1(config)#line vty 0 4
2R1(config-line)#password knowing 
3R1(config-line)#login
4R1(config-line)#exit
5R1(config)#

The next and final command is optional but is a helpful one, if you don't want those random messages popping up while you are typing. The command is called logging synchronous and is issued in the line configuration mode for the console port. (Make sure you are in privileged EXEC mode and type line console 0 hit enter and type logging synchronous.

1R1(config)#line console 0
2R1(config-line)#logging synchronous
3R1(config-line)#exit
4R1(config)#

That's it! This basic router configuration is on every Cisco Lab so you will end up being able to do this in your sleep! One final thing that I forgot to mention, and a lot of people forget to do when they are stuck or can't remember that command is to use that question mark. Which can be entered at the prompt or at a command to display a list of available commands and parameters. This is helpful because the router will give you a brief summary of what that command will do. If you use the question mark it will become your best friend! (for example issuing the question mark at privileged EXEC mode gives me a list of all of the commands I can use and more available if I hit the space bar).

 1Router#?
 2Exec commands:
 3  <1-99>      Session number to resume
 4  auto        Exec level Automation
 5  clear       Reset functions
 6  clock       Manage the system clock
 7  configure   Enter configuration mode
 8  connect     Open a terminal connection
 9  copy        Copy from one file to another
10  debug       Debugging functions (see also 'undebug')
11  delete      Delete a file
12  dir         List files on a filesystem
13  disable     Turn off privileged commands
14  disconnect  Disconnect an existing network connection
15  enable      Turn on privileged commands
16  erase       Erase a filesystem
17  exit        Exit from the EXEC
18  logout      Exit from the EXEC
19  mkdir Create new directory
20  more        Display the contents of a file
21  no Disable debugging informations
22  ping        Send echo messages
23  reload      Halt and perform a cold restart
24 --More--

I can then go further (if needed) into a command and hit the question mark. (For example if I type the copy command followed by a space and a question mark I get the following output). You can use this method and every command no matter how long or short the command is.

1Router#copy ?
2  flash:          Copy from flash: file system
3  ftp:            Copy from ftp: file system
4  running-config  Copy from current system configuration
5  startup-config  Copy from startup configuration
6  tftp:           Copy from tftp: file system

Knowing every command in a router is not needed, instead I would know your way around it and use the available help tools built into the software. Hope this tutorial was helpful.