Configuration Files Network devices depend on 2 types of software for their operation: operating system configuration Cisco network

rk devices contains 2 configuration files: running configuration file - Used during the current operation of the device startup configuration file - Used as the backup configuration & loaded when the device is started. NVRAM: RAM: Flash memory: provides temporary memory for the configuration file of the router while the router is powered on loses content when router is powered down or restarted provides storage for the startup configuration file retains content when router is powered down or restarted

holds the operating system image (IOS) allows software to be updated without removing & replacing chips on the processor retains content when router is powered down or restarted can store multiple versions of IOS software is electronically erasable, programmable ROM (EEPROM)

RAM is used for routing table information and it holds the running configuration. NVRAM is used to store the backup/startup configuration file Flash memory is used for storage of full Cisco IOS software images ROM is used for permanently storing startup diagnostic code The console port provides physical access for initial configuration. The interfaces provide LAN and WAN connectivity. There are two access levels: user EXEC mode - Has limited number of basic monitoring commands. The mode is identified by > privileged EXEC - Requires password & also can require user ID. By this mode one can accesses all router commands. This modes is identified by # User Router> Privilege Router# Global configuration mode Router# config t Only accessible from the privilege mode. From this mode one can access: interfaces subinterfaces line router router-map Router> (user prompt mode) Router>enable Password: Router#(user privileged mode) Router#disable (back to prompt mode)

Router> Router>exit ? Ctrl-A moves to the beginning of the command line Esc-B move back one word Ctrl-B move back one character (left arrow) Ctrl-D erases the character at the cursor Ctrl-K erases all characters from the cursor to end of command line Ctrl-E move to the end of the command line Ctrl-F move forward one character (right arrow) Esc-F move forward one word Ctrl-P recalls last or previous command (up arrow) Ctrl-N recalls most recent command (down arrow) <Tab> - complete the entry At the More prompt: Enter key displays the next line Space bar displays the next screen Any other alphanumeric key returns to the Exec prompt Break Keys: Ctrl-C When in any configuration mode, ends the configuration mode & returns to privileged EXEC mode. When in setup mode, aborts to the command prompt Ctrl-Z When in any configuration mode (no matter the level), ends the configuration mode & returns to privileged EXEC mode Ctrl-Shift-6 All purpose break sequence. Used to abort DNS lookups, traceroutes, pings. Configuration Interface Line Router Route-map Prompt Router(config-if)# Router(config-line)# Router(config-router)# Router(config-route-map)#

All of these commands are done in the Global Configuration Mode. Type exit from one of these specific configuration modes to return to global configuration mode Type Ctrl-Z to return to privileged EXEC mode The basic command is the show command: (Used at privilege mode) show arp displays the ARP table of the device show mac-address-table displays MAC table of a switch show startup-config displays the saved config in NVRAM show running-config displays the currently running config show ip interface displays IP statistics for the interface show ip interface < specific interface slot/port/number> show ip interface brief brief summary of all the interfaces on router show protocol brief summary of each interfaces giving status, ip address on the router show version command: IOS version and descriptive information

bootstrap ROM version boot ROM version router up time last restart method system image file and location router platform configuration register setting (how IOS is booted)

Remember, to configure or change anything on the router. You do: Router> enable Router# config terminal Router(config)# From the global config mode, many different configuration modes can be entered: Interface mode - Configure one of network interfaces (Fa0/0, S0/1, etc.) Line mode - Configure line, physical/ virtual (console, AUX, VTY, etc.) Router mode - Configure the parameters for one of the routing protocols To name a router or switch helps in configuring and troubleshooting a network. Naming should use the following convention: start with a letter not contain a space end with a letter or digit have characters of only letters, digits, and dashes be 63 characters or fewer Hostname : Router(config)# hostname Tokyo Tokyo(config)# Configuring Passwords & Banners Passwords introduce here: Console password limits device access using the console Enable password limits access to privileged EXEC mode Enable secret password encrypts privileged EXEC mode password VTY password limits device access using Telenet Consider the following when choosing a password: passwords that are more than 8 characters in length use combination of uppercase & lowercase and numeric avoid using the same password for all devices avoid using passwords such as password, administrator Console : Router(config)# line console 0 Router(config-line)# password cisco Router(config-line)# login Virtual terminal : Router(config)# line vty 0 4 Router(config-line)# password cisco Router(config-line)# login enable : Router(config)# enable password password secret : Router(config)# enable secret password

To encrypt passwords on your router/switch so that one can not read the passwords in text when they do show running -config or show startup-config, do Router(config)# service password-encryption Note this command does not encrypt the data when it is sent over the network!!! Give a description to an interface: Router(config)# interface fa0/1 Router(config-if)# description Engineering LAN, Bldg B Give a message of the day (MOTD): Router(config)# banner motd #You have entered a secure area! # For MOTD, this message will appear whenever a persons logins on a router/switch. When making configuration changes to a device, they are immediately & automatically stored in RAM. Though if power is lost, so are your changes. Hence you need to store these changes in NVRAM. This is done: Switch# copy running-config startup-config Router# copy running-config startup-config Router# copy run start If you make changes, and they dont work, you might want to start over with the initial configuration. Then you do (remember, the initial configuration needed to be stored in NVRAM first (copy run start): Router# reload The device will print a message reminding you that you have made changes, and do you want to save them? Your answer is no because you want to start over. Other methods of storing configuration files are: via HyperTerminal TFTP To remove/erase files in NVRAM, do the following: Router# erase startup-config Router# reload There are some bad results with start if you misspell start. So use Router# wr erase Router# reload Configuring Interfaces When you are at interface mode, you need to give characteristics to the ethernet or serial port: Router(config)# interface serial 0/0 Router(config-if)# ip address <ip address> <netmask> Router(config-if)# no shutdown If the serial port is the DCE, then the clock rate must be applied: Router(config)# interface serial 0/0 Router(config-if)# ip address <ip address> <netmask> Router(config-if)# clock rate 56000 Router(config-if)# no shutdown

As an example: When you are at interface mode, you need to give characteristics to the ethernet or serial port: Router(config)# interface serial 0/1 Router(config-if)# ip address 192.10.10.1 255.255.255.0 Router(config-if)# no shutdown If the serial port is the DCE, then the clock rate must be applied: Router(config)# interface serial 0/0 Router(config-if)# ip address 192.10.10.2 255.255.255.0 Router(config-if)# clock rate 56000 Router(config-if)# no shutdown Configuring Interfaces for Switches The OSI that operates on the routers is very similar to the switches. Switch> for user mode Switch> enable get to Privilege EXEC Switch# for EXEC mode Switch(config)# to make changes to the switch ? to learn commands Note initially all ports on the switch belongs to VLAN 1. VLAN 1 is known as the default management VLAN. Usually give the switch an IP address so it can be accessed remotely, and a default-gateway, so other networks can be access while working from CLI. Switch(config)# interface VLAN1 Switch(config-if)# ip address <ip address> <subnet mask of IP address> To communicate with the switch outside the network, do: Switch(config)# ip default-gateway <ip address> As an example: Switch(config)# interface VLAN1 Switch(config-if)# ip address 192.168.1.2 255.255.255.0 To communicate with the switch outside the network, do: Switch(config)# ip default-gateway 192.168.1.1 NOTE: If one wants to cancel a Cisco command, place a no in front of the command. Router(config)# interface fa0/1 Router(config-if)# no description Engineering LAN, Bldg B One command that determines if a device can be reached on a network is the ping command. Note: this command, if successful, only tells you that the device on the network can be reached. If it is not successful, it only tells that you can reach it IT DOESNT TELL YOU WANT IS WRONG. The ping command tests Layer 1 through Layer 3 inclusive. When a ping is applied on a router/switch: ! indicates receipt of an ICMP echo reply (success) .(period) indicates a timeout while waiting for a reply U an ICMP unreachable message was received. To test if the NIC card of your device is operating properly, apply: ping 127.0.0.1

Another way to determine Layer 3 connective from a router/switch, is the command: traceroute <ip address | URL > This command as oppose to ping will tell you where the problem is in a network. To test your local network follow the process: ping your NIC card (ping 127.0.0.1) ping every device on your network ping the gateway if a router is connected on your network then ping devices outside your network Cisco recommends to verify router interfaces, is to use the command: Router# show ip interface brief Another method to check your network is the command Router# show ip route This show you a table of all the networks that you can reach. If the network you are trying to ping or reach is not in the table, then the packet to that destination will be dropped.