Topology Diagra Learning !b"ectives Configure Cisco router global configuration settings. Configure Cisco router password access. Configure Cisco router interfaces. Save the router configuration file. Configure a Cisco switch. Bac#groun$ %ar$&are 'ty Description Cisco Router 1 Part of CCNA Lab bundle. Cisco Switch 1 Part of CCNA Lab bundle. *Computer host! 1 Lab computer. Console rollover! cable 1 Connects computer host 1 to Router console port. "#P Cat $ crossover cable 1 Connects computer host 1 to Router LAN interface %a&'& Straight #hrough Cable ( Connects computer hosts to Switch and switch to router #able 1. )*uipment and hardware re*uired for this lab. +ather the necessar, e*uipment and cables. #o configure the lab- ma.e sure the e*uipment listed in #able 1 is available. Note to instructor/ 0f ,ou do not have a router that has two %ast)thernet interfaces- consider configuring a loopbac. interface as an alternative to the %ast)thernet &'1. Another alternative would be to use two routers connected through a serial connection and use the %ast)thernet interfaces from each router. All contents are Cop,right 1 122343&&5 Cisco S,stems- 0nc. All rights reserved. #his document is Cisco Public 0nformation. Page 1 of 31 CCNA )6ploration Networ. %undamentals/ Configuring and #esting 7our Networ. Lab 11.$.1 8asic Cisco 9evice Configuration Common configuration tas.s include setting the hostname- access passwords- and :;#9 banner. 0nterface configuration is e6tremel, important. 0n addition to assigning a La,er ( 0P address- enter a description that describes the destination connection speeds troubleshooting time. Configuration changes are effective immediatel,. Configuration changes must be saved in N<RA: to be persistent across reboot. Configuration changes ma, also be saved off=line in a te6t file for auditing or device replacement. Cisco 0;S switch configuration is similar to Cisco 0;S router configuration. (cenario 0n this lab students will configure common settings on a Cisco Router and Cisco Switch. +iven an 0P address of 198.133.219.0/24- with > bits borrowed for subnets- fill in the following information in the table below. Note to instructor/ #o reinforce student cable identification- have several different t,pes of cables available for the students. :i6 crossover- straight=through- and rollover cables. Students should be able to identif, the proper cable t,pe based on a visual inspection. ?int/ fill in the subnet number- then the host address. Address information will be eas, to compute with the subnet number filled in first! :a6imum number of usable subnets including the & th subnet!/ @@@@@1$@@@@@@@@ Number of usable hosts per subnet/ @@@@@@@@1>@@@@@@@@@ 0P Address/ 12A.1((.312.& Subnet mas./ 3$$.3$$.3$$.3>& B Subnet %irst host address Last host address 8roadcast & 12A.1((.312.& 12A.1((.312.1 12A.1((.312.1> 12A.1((.312.1$ 1 12A.1((.312.1C 12A.1((.312.15 12A.1((.312.(& 12A.1((.312.(1 3 12A.1((.312.(3 12A.1((.312.(( 12A.1((.312.>C 12A.1((.312.>5 ( 12A.1((.312.>A 12A.1((.312.>2 12A.1((.312.C3 12A.1((.312.C( > 12A.1((.312.C> 12A.1((.312.C$ 12A.1((.312.5A 12A.1((.312.52 $ 12A.1((.312.A& 12A.1((.312.A1 12A.1((.312.2> 12A.1((.312.2$ C 12A.1((.312.2C 12A.1((.312.25 12A.1((.312.11 & 12A.1((.312.111 5 12A.1((.312.11 3 12A.1((.312.11( 12A.1((.312.13 C 12A.1((.312.135 A 12A.1((.312.13 A 12A.1((.312.132 12A.1((.312.1> 3 12A.1((.312.1>( 2 12A.1((.312.1> > 12A.1((.312.1>$ 12A.1((.312.1$ A 12A.1((.312.1$2 1& 12A.1((.312.1C 12A.1((.312.1C1 12A.1((.312.15 12A.1((.312.15$ All contents are Cop,right 1 122343&&5 Cisco S,stems- 0nc. All rights reserved. #his document is Cisco Public 0nformation. Page 3 of 31 CCNA )6ploration Networ. %undamentals/ Configuring and #esting 7our Networ. Lab 11.$.1 8asic Cisco 9evice Configuration & > 11 12A.1((.312.15 C 12A.1((.312.155 12A.1((.312.12 & 12A.1((.312.121 13 12A.1((.312.12 3 12A.1((.312.12( 12A.1((.312.3& C 12A.1((.312.3&5 1( 12A.1((.312.3& A 12A.1((.312.3&2 12A.1((.312.33 3 12A.1((.312.33( 1> 12A.1((.312.33 > 12A.1((.312.33$ 12A.1((.312.3( A 12A.1((.312.3(2 8efore proceeding- verif, ,our addresses with the instructor. #he instructor will assign subnetwor.s. Note to 0nstructor= give each team of students a subnetwor. number. Tas# 1: Configure Cisco )outer *lobal Configuration (ettings. %igure 1. Lab cabling. (tep 1: +,ysically connect $evices. Refer to %igure 1. Connect the console or rollover cable to the console port on the router. Connect the other end of the cable to the host computer using a 98=2 or 98=3$ adapter to the C;: 1 port. Connect the crossover cable between the host computerDs networ. interface card N0C! and Router interface %a&'&. Connect a straight=through cable between the Router interface %a&'1 and an, of the switchDs interfaces 1=3>!. )nsure that power has been applied to the host computer- switch and router. All contents are Cop,right 1 122343&&5 Cisco S,stems- 0nc. All rights reserved. #his document is Cisco Public 0nformation. Page ( of 31 CCNA )6ploration Networ. %undamentals/ Configuring and #esting 7our Networ. Lab 11.$.1 8asic Cisco 9evice Configuration (tep -: Connect ,ost coputer to router t,roug, %yperTerinal. %rom the Eidows tas.bar- start the ?,per#erminal program b, clic.ing on Start F Programs F Accessories F Communications F ?,per#erminal. Configure ?,per#erminal with the proper settings/ Connection 9escription Name/ Lab 11_2_11 0con/ Personal choice Connect to Connect Using: C!.1 or appropriate C;: port! C;:1 Properties Bits per second: 9600 Data bits: 8 Parity: None Stop bits: 1 !o" Contro!: None Ehen the ?,per#erminal session window comes up- press the /nter .e, until there is a response from the router. 0f the router terminal is in the configuration mode- e6it b, t,ping NO. #o$!d yo$ !i%e to enter t&e initia! con'ig$ration dia!og( )yes/no*: no Press +,-U+. to get started/ +o$ter0 Ehen in privileged e6ec command mode- an, misspelled or unrecogniGed commands will attempt to be translated b, the router as a domain name. Since there is no domain server configured- there will be a dela, while the re*uest times out. #his can ta.e between several seconds to several minutes. #o terminate the wait- simultaneousl, hold down the <CTRL><SHIT>6 %eys then release and press !/ +o$ter0enabe! -rans!ating 1enabe!1...do2ain ser3er 4255.255.255.2556 7 8riefl, hold down the .e,s <CTRL><SHIT>6- release and press ! Note to instructor. #o disable name translation attempts- appl, the global configuration command no i" #o$ain%loo&'". .a2e !oo%$p aborted +o$ter0 %rom the user e6ec mode- enter privileged e6ec mode/ +o$ter0 enable +o$ter8 All contents are Cop,right 1 122343&&5 Cisco S,stems- 0nc. All rights reserved. #his document is Cisco Public 0nformation. Page > of 31 CCNA )6ploration Networ. %undamentals/ Configuring and #esting 7our Networ. Lab 11.$.1 8asic Cisco 9evice Configuration <erif, a clean configuration file with the privileged e6ec command sho( r'nnin)%con*i). 0f a configuration file was previousl, saved- it will have to be removed. Appendi6 1 shows a t,pical default routerDs configuration. 9epending on routerDs model and 0;S version- ,our configuration ma, loo. slightl, different. ?owever- there should be no configured passwords or 0P addresses. 0f ,our router does not have a default configuration- as. the instructor to remove the configuration. (tep 0: Configure global configuration ,ostnae setting. Ehat two commands ma, be used to leave the privileged e6ec modeH e!i+ or en# Ehat shortcut command can be used to enter the privileged e6ec modeH @@@@en@@@@@@@@@@ )6amine the different configuration modes that can be entered with the command con*i)'re, Erite down the list of configuration modes and description/ con'ir2 Con'ir2 rep!ace2ent o' r$nning9con'ig "it& a ne" con'ig 'i!e 2e2ory Con'ig$re 'ro2 .: 2e2ory net"or% Con'ig$re 'ro2 a --P net"or% &ost o3er"rite9net"or% ;3er"rite .: 2e2ory 'ro2 --P net"or% &ost rep!ace +ep!ace t&e r$nning9con'ig "it& a ne" con'ig 'i!e ter2ina! Con'ig$re 'ro2 t&e ter2ina! <cr0
%rom the pri3i!eged e=ec mode- enter global configuration mode/ +o$ter8 con*i)'ra+ion +er$inal +o$ter4con'ig68 Ehat three commands ma, be used to leave the global configuration mode and return to the privileged e6ec modeH @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ e!i+- en#- an$ <CTRL>. Ehat shortcut command can be used to enter the global configuration modeH @@ con*i) + @@@@@@@@ Set the device hostname to +o$ter1/ ro$ter4con'ig68 hos+na$e Ro'+er1 +o$ter14con'ig68 ?ow can the hostname be removedH @@@@@@@@ no hos+na$e Ro'+er1@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ All contents are Cop,right 1 122343&&5 Cisco S,stems- 0nc. All rights reserved. #his document is Cisco Public 0nformation. Page $ of 31 CCNA )6ploration Networ. %undamentals/ Configuring and #esting 7our Networ. Lab 11.$.1 8asic Cisco 9evice Configuration (tep 5: Configure t,e .!TD banner. 0n production networ.s- banner content ma, have a significant legal impact on the organiGation. %or e6ample- a friendl, IEelcomeJ message ma, be interpreted b, a court that an attac.er has been granted permission to hac. into the router. A banner should include information about authoriGation- penalties for unauthoriGed access- connection logging- and applicable local laws. #he corporate securit, polic, should provide polic, on all banner messages. All contents are Cop,right 1 122343&&5 Cisco S,stems- 0nc. All rights reserved. #his document is Cisco Public 0nformation. Page C of 31 CCNA )6ploration Networ. %undamentals/ Configuring and #esting 7our Networ. Lab 11.$.1 8asic Cisco 9evice Configuration Create a suitable :;#9 banner. ;nl, s,stem administrators of the A8C Compan, are authoriGed access- unauthoriGed access will be prosecuted- and all connection information will be logged. 7ou are connected to an A8C networ. device. Access is granted to onl, current A8C s,stem administrators with prior written approval. "nauthoriGed access is prohibited- and will be prosecuted. All connections are continuousl, logged. )6amine the different banner modes that can be entered. Erite down the list of banner modes and description. >?., c banner9te=t c@ "&ere AcA is a de!i2iting c&aracter e=ec Set ,B,C process creation banner inco2ing Set inco2ing ter2ina! !ine banner !ogin Set !ogin banner 2otd Set Cessage o' t&e Day banner pro2pt9ti2eo$t Set Cessage 'or !ogin a$t&entication ti2eo$t s!ip9ppp Set Cessage 'or S>?P/PPP Ro'+er1/con*i)01 banner , Choose a terminating character that will not be used in the message te6t. @@@2 /"er cen+0@@@@ Configure the :;#9 banner. #he :;#9 banner is displa,ed on all connections before the login prompt. "se the terminating character on a blan. line to end the :;#9 entr,/ +o$ter14con'ig68 banner $o+# 2 3n+er T34T $essa)e5 3n# (i+h +he charac+er 626 DDDEo$ are connected to an FBC net"or% de3ice. Fccess is granted to on!y c$rrent FBC co2pany syste2 ad2inistrators "it& prior "ritten appro3a!. DDD DDD Una$t&oriGed access is pro&ibited@ and "i!! be prosec$ted. DDD DDD F!! connections are contin$o$s!y !ogged. DDD 7 +o$ter14con'ig68 Ehat is the global configuration command to remove the :;#9 bannerH @@@@@@ no banner $o+#@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ All contents are Cop,right 1 122343&&5 Cisco S,stems- 0nc. All rights reserved. #his document is Cisco Public 0nformation. Page 5 of 31 CCNA )6ploration Networ. %undamentals/ Configuring and #esting 7our Networ. Lab 11.$.1 8asic Cisco 9evice Configuration Note to 0nstructor/ personal banners on non=production devices can be entertaining. %ollowing is a banner made from ASC00 art that can be copied into the router/
4 o o 6 H999999999999999999.ooo;994I699;ooo.999999999999999999H J J J .ooo; J J 4 6 ;ooo. J H999999999999999999999K 499994 699999999999999999999H KI6 6 / 4I/ Tas# -: Configure Cisco )outer +ass&or$ 1ccess. Access passwords are set for the privileged e6ec mode and user entr, point such as console- au6- and virtual lines. #he privileged e6ec mode password is the most critical password- since it controls access to the configuration mode. (tep 1: Configure t,e privilege$ e2ec pass&or$. Cisco 0;S supports two commands that set access to the privileged e6ec mode. ;ne command- enable "ass(or#- contains wea. cr,ptograph, and should never be used if the enable secre+ command is available. #he enable secre+ command uses a ver, secure :9$ cr,ptographic hash algorithm. Cisco sa,s IAs far as an,one at Cisco .nows- it is impossible to recover an enable secret based on the contents of a configuration file other than b, obvious dictionar, attac.s!.J Password securit, relies on the password algorithm- and the password. . 0n production environments- strong passwords should be used at all times. A strong password consists of at least nine characters of upper and lower case letters- numbers- and s,mbols. 0n a lab environment- we will use wea. passwords. Set the privileged e6ec password to cisco. +o$ter14con'ig68 enable secre+ cisco +o$ter14con'ig68 (tep -: Configure t,e console pass&or$. Set the console access password to class. #he console password controls console access to the router. +o$ter14con'ig68 line console 0 +o$ter14con'ig9!ine68 "ass(or# class +o$ter14con'ig9!ine68 lo)in Ehat is the command to remove the console passwordH @@@@ no "ass(or# cisco @@@@@@@ (tep 0: Configure t,e virtual line pass&or$. Set the virtual line access password to class. #he virtual line password controls #elnet access to the router. 0n earl, Cisco 0;S versions- onl, five virtual lines could be set- & through >. 0n newer Cisco 0;S versions- the number has been e6panded. "nless a telnet password is set- access on that virtual line is bloc.ed. +o$ter14con'ig9!ine68 line 7+8 0 9 +o$ter14con'ig9!ine68 "ass(or# class All contents are Cop,right 1 122343&&5 Cisco S,stems- 0nc. All rights reserved. #his document is Cisco Public 0nformation. Page A of 31 CCNA )6ploration Networ. %undamentals/ Configuring and #esting 7our Networ. Lab 11.$.1 8asic Cisco 9evice Configuration +o$ter14con'ig9!ine68 lo)in #here are three commands that ma, be used to e6it the line configuration mode/ Coan$ /ffect e!i+ Return to the global configuration mode. en# )6it configuration and return to the privileged e6ec mode. <CTRL>. 0ssue the command e!i+. Ehat is the router promptH Ehat is the modeH +o$ter14con'ig9!ine68 e!i+ @@@ Ro'+er1/con*i)01@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @@@@ +lobal configuration mode@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ 0ssue the command en#. Ehat is the router promptH Ehat is the modeH @@@+o$ter18@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @@@Privileged e6ec mode@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Tas# 0: Configure Cisco )outer Interfaces. All cabled interfaces should contain documentation about the connection. ;n newer Cisco 0;S versions- the ma6imum description is 3>& characters. %igure 3. Ph,sical lab topolog,. %igure 3 shows a networ. topolog, where a host computer is connected to Router1- interface %a&'&. Erite down ,our subnet number and mas./ Answers will var,.F 3$$.3$$.3$$.3>& All contents are Cop,right 1 122343&&5 Cisco S,stems- 0nc. All rights reserved. #his document is Cisco Public 0nformation. Page 2 of 31 CCNA )6ploration Networ. %undamentals/ Configuring and #esting 7our Networ. Lab 11.$.1 8asic Cisco 9evice Configuration #he first 0P address will be used to configure the host computer LAN. Erite down the first 0P Address/ @ Answers will var,.@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ #he last 0P address will be used to configure the router fa&'& interface. Erite down the last 0P Address/ @@ Answers will var,.@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ (tep 1: Configure t,e router fa343 interface. Erite a short description for the connections on Router1/ %a&'& =K @@@@@ Connection to ?ost1 with crossover cable.@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Appl, the description on the router interface with the interface configuration command- #escri"+ion/ +o$ter14con'ig68 in+er*ace *a0:0 +o$ter14con'ig9i'68 #escri"+ion Connec+ion +o Hos+1 (i+h crosso7er cable +o$ter14con'ig9i'68 i" a##ress address mask +o$ter14con'ig9i'68 no sh'+#o(n +o$ter14con'ig9i'68 en# +o$ter18 Loo. for the interface to become active/ DCar 24 19:58:59.L02: 7>?.,P+;-;959UPD;#.: >ine protoco! on ?nter'ace ast,t&ernet0/0@ c&anged state to $p (tep -: Configure t,e router 5a341 interface. Erite a short description for the connections on Router1/ %a&'1 =K @@ Connection to switch with straight=through cable.@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Appl, the description on the router interface with the interface configuration command- #escri"+ion/ +o$ter14con'ig68 in+er*ace *a0:1 +o$ter14con'ig9i'68 #escri"+ion Connec+ion +o s(i+ch (i+h s+rai)h+%+hro')h cable +o$ter14con'ig9i'68 i" a##ress address mask +o$ter14con'ig9i'68 no sh'+#o(n +o$ter14con'ig9i'68 en# +o$ter18 Loo. for the interface to become active/ DCar 24 19:58:59.L02: 7>?.,P+;-;959UPD;#.: >ine protoco! on ?nter'ace ast,t&ernet0/1@ c&anged state to $p (tep 0: Configure t,e ,ost coputer. Configure the host computer for LAN connectivit,. Recall that the LAN configuration window is accessed through Start F Control Panel F Networ. Connections. Right=clic. on the LAN icon- and select Properties. ?ighlight the 0nternet Protocol field- and select Properties. %ill in the following fields/ 0P Address/ #he first host address Subnet :as./ #he subnet mas. 9efault +atewa,/ RouterDs 0P Address All contents are Cop,right 1 122343&&5 Cisco S,stems- 0nc. All rights reserved. #his document is Cisco Public 0nformation. Page 1& of 31 CCNA )6ploration Networ. %undamentals/ Configuring and #esting 7our Networ. Lab 11.$.1 8asic Cisco 9evice Configuration Clic. ;L- and then Close. ;pen a terminal window- and verif, networ. settings with the i"con*i) command. (tep 6: Verify net&or# connectivity. "se the "in) command to verif, networ. connectivit, with the router. 0f ping replies are not successful troubleshoot the connection/ Ehat Cisco 0;S command can be used to verif, the interface statusH sho( in+er*ace *a0:0 an# sho( in+er*ace *a0:1 Ehat Eindows command can be used to verif, host computer configurationH @@ i"con*i) @@@ Ehat is the correct LAN cable between host1 and Router1H @@@crossover@@@@@@ Tas# 6: (ave t,e )outer Configuration 5ile. Cisco 0;S refers to RA: configuration storage as running=configuration- and N<RA: configuration storage as startup=configuration. %or configurations to survive rebooting or power restarts- the RA: configuration must be copied into non=volatile RA: N<RA:!. #his does not occur automaticall,- N<RA: must be manuall, updated after an, changes are made. (tep 1: Copare router )1. an$ 7V)1. configurations. "se the Cisco 0;S sho( command to view RA: and N<RA: configurations. #he configuration is displa,ed one screen at a time. A line containing I 99 2ore 99 I indicates that there is additional information to displa,. #he following list describes acceptable .e, responses/ 8ey Description <SP;C3> 9ispla, the ne6t page. <R3T<RN> 9ispla, the ne6t line. = Muit <CTRL> c Muit Erite down one possible shortcut command that will displa, the contents of N<RA:. sh s+ar+ 9ispla, the contents of N<RA:. 0f the output of N<RA: is missing- it is because there is no saved configuration./ +o$ter18 sho( s+ar+'"%con*i) start$p9con'ig is not present +o$ter18 9ispla, the contents of RA:. +o$ter18s&o" r$nning9con'ig "se the output to answer the following *uestions/ ?ow large is the configuration fileH Current configuration / 2($ b,tes answers will var,- but be close to 1&&& b,tes! All contents are Cop,right 1 122343&&5 Cisco S,stems- 0nc. All rights reserved. #his document is Cisco Public 0nformation. Page 11 of 31 CCNA )6ploration Networ. %undamentals/ Configuring and #esting 7our Networ. Lab 11.$.1 8asic Cisco 9evice Configuration Ehat is the enable secret passwordH enab!e secret 5 M1MSg/,MNn,n;.09OPpib:33dNBB?0 As. students to compare their passwords. 0f all students used cisco as the enable secret password- someone is bound to as. wh, the cr,ptote6t is different. #he answer is be,ond the scope of this curriculum- but a short answer to intrigue students ma, lead to independent research. #he cr,ptote6t M1MSg/,MNn,n;.09OPpib:33dNBB?0 is actuall, composed of three fields- separated b, M. #he first field contains the hash algorithm t,pe- 1= in this case- :9$. #he second field- Sg/,- is called the salt- or random value- that is used with the password- cisco- to compute the :9$ hash- Nn,n;.09OPpib:33dNBB?0. Since the salts are different- the resulting hash will be different 9oes ,our :;#9 banner contain the information ,ou entered earlierH @@,es@@@@@@@@@@@@@@@@@@@@@@@ 9o ,our interface descriptions contain the information ,ou entered earlierH @,es@@@@@@@@@@@@@@@@@@@ Erite down one possible shortcut command that will displa, the contents of RA:. sh r'n- (ri+e- (r (tep -: (ave )1. configuration to 7V)1.. %or a configuration to be used the ne6t time the router is powered on or reloaded- it must be manuall, saved in N<RA:. Save the RA: configuration to N<RA:/ +o$ter18 co"8 r'nnin)%con*i) s+ar+'"%con*i) Destination 'i!ena2e )start$p9con'ig*( <,.-,+0 B$i!ding con'ig$ration... );Q* +o$ter18 Erite down one possible shortcut command that will cop, the RA: configuration to N<RA:. @@@ co"8 r'n s+ar+- (ri+e $e$- (r $e$@@@@@@@@@@ Review the contents of N<RA:- and verif, that the configuration is the same as the configuration in RA:. Contents should be the same. Tas# 5: Configure a Cisco (&itc,. Cisco 0;S switch configuration is than.full,! similar to configuring a Cisco 0;S router. #he benefit of learning 0;S commands is that the, are similar to man, different devices and 0;S versions. (tep 1: Connect t,e ,ost to t,e s&itc,. :ove the console- or rollover- cable to the console port on the switch. )nsure power has been applied to the switch. 0n ?,perterminal- press )nter until the switch responds. (tep -. Configure global configuration ,ostnae setting. Appendi6 3 shows a t,pical default switch configuration. 9epending on router model and 0;S version- ,our configuration ma, loo. slightl, different. ?owever- there should be no configured passwords. 0f ,our router does not have a default configuration- as. the instructor to remove the configuration. %rom the user e6ec mode- enter global configuration mode/ S"itc&0 en S"itc&8 con*i) + All contents are Cop,right 1 122343&&5 Cisco S,stems- 0nc. All rights reserved. #his document is Cisco Public 0nformation. Page 13 of 31 CCNA )6ploration Networ. %undamentals/ Configuring and #esting 7our Networ. Lab 11.$.1 8asic Cisco 9evice Configuration S"itc&4con'ig68 Set the device hostname to Switch1. S"itc&4con'ig68 hos+na$e S(i+ch1 S"itc&14con'ig68 (tep 0: Configure t,e .!TD banner. Create a suitable :;#9 banner. ;nl, s,stem administrators of the A8C compan, are authoriGed access- unauthoriGed access will be prosecuted- and all connection information will be logged. Configure the :;#9 banner. #he :;#9 banner is displa,ed on all connections before the login prompt. "se the terminating character on a blan. line to end the :;#9 entr,. %or assistance- review the similar step for configuring a router :;#9 banner. S"itc&14con'ig68 banner $o+# 2 7ou are connected to an A8C networ. device. Access is granted to onl, current A8C s,stem administrators with prior written approval. "nauthoriGed access is prohibited- and will be prosecuted. All connections are continuousl, logged. (tep 6: Configure t,e privilege$ e2ec pass&or$. Set the privileged e6ec password to cisco. S"itc&14con'ig68 enable secre+ cisco S"itc&14con'ig68 (tep 5: Configure t,e console pass&or$. Set the console access password to class. S"itc&14con'ig68 line console 0 S"itc&14con'ig9!ine68 "ass(or# class S"itc&14con'ig9!ine68 lo)in (tep 9: Configure t,e virtual line pass&or$. Set the virtual line access password to class. #here are 1C virtual lines that can be configured on a Cisco 0;S switch- & through 1$. S"itc&14con'ig9!ine68 line 7+8 0 1> S"itc&14con'ig9!ine68 "ass(or# class S"itc&14con'ig9!ine68 lo)in All contents are Cop,right 1 122343&&5 Cisco S,stems- 0nc. All rights reserved. #his document is Cisco Public 0nformation. Page 1( of 31 CCNA )6ploration Networ. %undamentals/ Configuring and #esting 7our Networ. Lab 11.$.1 8asic Cisco 9evice Configuration %igure (. Networ. topolog,. (tep :: Configure t,e interface $escription. %igure ( shows a networ. topolog, where Router1 is connected to Switch1- interface %a&'1. Switch1 interface %a&'3 is connected to host computer 3- and interface %a&'( is connected to host computer (. Erite a short description for the connections on Switch1/ )outer1 Interface Description %a&'1 Connection to Router1. %a&'3 Connection to host computer 3. %a&'( Connection to host computer (.
Appl, the descriptions on the switch interface with the interface configuration command- #escri"+ion/ S"itc&14con'ig68 in+er*ace *a0:1 S"itc&14con'ig9i'68 #escri"+ion Connec+ion +o Ro'+er1 S"itc&14con'ig68 in+er*ace *a0:2 S"itc&14con'ig9i'68 #escri"+ion Connec+ion +o hos+ co$"'+er 2 S"itc&14con'ig68 in+er*ace *a0:? S"itc&14con'ig9i'68 #escri"+ion Connec+ion +o hos+ co$"'+er ? S"itc&14con'ig9i'68 en# S"itc&18 (tep :: (ave )1. configuration to 7V)1.. %or a configuration to be used the ne6t time the switch is powered on or reloaded- it must be manuall, saved in N<RA:. Save the RA: configuration to N<RA:/ S"itc&18 co"8 r'n s+ar+ Destination 'i!ena2e )start$p9con'ig*( <,.-,+0 B$i!ding con'ig$ration... );Q* S"itc&18 Review the contents of N<RA:- and verif, that the configuration is the same as the configuration in RA:. Contents should be the same. All contents are Cop,right 1 122343&&5 Cisco S,stems- 0nc. All rights reserved. #his document is Cisco Public 0nformation. Page 1> of 31 CCNA )6ploration Networ. %undamentals/ Configuring and #esting 7our Networ. Lab 11.$.1 8asic Cisco 9evice Configuration Tas# 9: )eflection #he more ,ou practice the commands- the faster ,ou will become in configuring a Cisco 0;S router and switch. 0t is perfectl, acceptable to use notes at first to help configure a device- but a professional networ. engineer does not need a Ncheat sheetD to perform common configuration tas.s. #he following table lists commands covered in this lab/ +urpose Coan$ )nter the global configuration mode. con*i)'re +er$inal ,=a2p!e: +o$ter0 enable +o$ter8 con'ig$re ter2ina! +o$ter4con'ig68 Specif, the name for the router. hos+na$e name ,=a2p!e: +o$ter4con'ig68 hos+na$e Ro'+er1 +o$ter4con'ig68 Specif, an encr,pted password to prevent unauthoriGed access to the privileged e6ec mode. enable secre+ password ,=a2p!e: +o$ter4con'ig68 enable secre+ cisco +o$ter4con'ig68 Specif, a password to prevent unauthoriGed access to the console. "ass(or# password lo)in ,=a2p!e: +o$ter4con'ig68 line con 0 +o$ter4con'ig9!ine68 "ass(or# class +o$ter4con'ig9!ine68 lo)in +o$ter4con'ig68 Specif, a password to prevent unauthoriGed telnet access. Router vt, lines/ & > Switch vt, lines/ & 1$ "ass(or# password lo)in ,=a2p!e: +o$ter4con'ig68 line 7+8 0 9 +o$ter4con'ig9!ine68 "ass(or# class +o$ter4con'ig9!ine68 lo)in +o$ter4con'ig9!ine68 Configure the :;#9 banner. @anner $o+# 2 ,=a2p!e: +o$ter4con'ig68 banner $o+# 2 +o$ter4con'ig68 Configure an interface. Router= interface is ;%% b, default Switch= interface is ;N b, default ,=a2p!e: +o$ter4con'ig68 in+er*ace *a0:0 +o$ter4con'ig9i'68 #escri"+ion description +o$ter4con'ig9i'68 i" a##ress address mask +o$ter4con'ig9i'68 no sh'+#o(n +o$ter4con'ig9i'68 Save the configuration to N<RA:. co"8 r'nnin)%con*i) s+ar+'"%con*i) ,=a2p!e: +o$ter8 co"8 r'nnin)%con*i) s+ar+'"%con*i) +o$ter8 All contents are Cop,right 1 122343&&5 Cisco S,stems- 0nc. All rights reserved. #his document is Cisco Public 0nformation. Page 1$ of 31 CCNA )6ploration Networ. %undamentals/ Configuring and #esting 7our Networ. Lab 11.$.1 8asic Cisco 9evice Configuration Tas# :: C,allenge 0t is often necessar,- and alwa,s hand,- to save the configuration file to an off=line te6t file. ;ne wa, to save the configuration file is to use ?,per#erminal #ransfer menu option Capture. %igure 3. ?,perterminal Capture menu. Refer to %igure 3. All communication between the host computer and router are saved to a file. #he file can be edited- and saved. #he file can also be edited- copied- and pasted into a router/ #o start a capture- select ?,perterminal menu option #ransfer F Capture #e6t. )nter a path and file name- and select Start. 0ssue the privileged e6ec command sho( r'nnin)%con*i)- and press the OSPAC)K .e, until all of the configuration has been displa,ed. Stop the capture. Select menu option #ransfer F Capture #e6t F Stop. All contents are Cop,right 1 122343&&5 Cisco S,stems- 0nc. All rights reserved. #his document is Cisco Public 0nformation. Page 1C of 31 CCNA )6ploration Networ. %undamentals/ Configuring and #esting 7our Networ. Lab 11.$.1 8asic Cisco 9evice Configuration ;pen the te6t file and review the contents. Remove an, lines that are not configuration commands- such as the 2ore prompt. :anuall, correct an, lines that were scrambled or occup, the same line. After chec.ing the configuration file- highlight the lines and select Notepad menu )dit F Cop,. #his places the configuration in host computer memor,. #o load the configuration file- it is ALEA7S best practice to begin with a clean RA: configuration. ;therwise- stale configuration commands ma, survive a paste action and have unintended conse*uences also .nown as the Law of "nintended Conse*uences!/ Note to 0nstructor. ?ighlighting the ?,perterminal te6t and cop,ing ma, also bring the configuration into memor,. #he important point is that the configuration is e6amined closel, for an, errors before reloading. )rase the N<RA: configuration file/ +o$ter18 erase s+ar+ ,rasing t&e n3ra2 'i!esyste2 "i!! re2o3e a!! con'ig$ration 'i!es/ Contin$e( )con'ir2* <3NT3R> );Q* ,rase o' n3ra2: co2p!ete Reload the router/ +o$ter18 reloa# Proceed "it& re!oad( )con'ir2* <3NT3R> Ehen the router reboots- enter the global configuration mode/ +o$ter0 en +o$ter8 con*i) + +o$ter4con'ig68 "sing the mouse- right=clic. inside the ?,perterminal window and select Paste #o ?ost. #he configuration will be loaded- ver, *uic.l,- to the router. Eatch closel, for error messages- each message must be investigated and corrected. <erif, the configuration- and save to N<RA:. Tas# 9: Cleanup 8efore turning off power to the router and switch- remove the N<RA: configuration file from each device with the privileged e6ec command erase s+ar+'"%con*i). 9elete an, configuration files saved on the host computers. "nless directed otherwise b, the instructor- restore host computer networ. connectivit,- then turn off power to the host computers. Remove an,thing that was brought into the lab- and leave the room read, for the ne6t class. All contents are Cop,right 1 122343&&5 Cisco S,stems- 0nc. All rights reserved. #his document is Cisco Public 0nformation. Page 15 of 31 CCNA )6ploration Networ. %undamentals/ Configuring and #esting 7our Networ. Lab 11.$.1 8asic Cisco 9evice Configuration 1ppen$i2 1; $efault Cisco I!( router configuration C$rrent con'ig$ration : 824 bytes / 3ersion 12.4 ser3ice ti2esta2ps deb$g dateti2e 2sec ser3ice ti2esta2ps !og dateti2e 2sec no ser3ice pass"ord9encryption / &ostna2e +o$ter / boot9start92ar%er boot9end92ar%er / no aaa ne"92ode! ip ce' / inter'ace ast,t&ernet0/0 no ip address s&$tdo"n d$p!e= a$to speed a$to / inter'ace ast,t&ernet0/1 no ip address s&$tdo"n d$p!e= a$to speed a$to / inter'ace Seria!0/1/0 no ip address s&$tdo"n no 'air9R$e$e / inter'ace Seria!0/1/1 no ip address s&$tdo"n c!oc% rate 2000000 / inter'ace :!an1 no ip address / ip &ttp ser3er no ip &ttp sec$re9ser3er / contro!9p!ane / !ine con 0 !ine a$= 0 !ine 3ty 0 4 !ogin / sc&ed$!er a!!ocate 20000 1000 end All contents are Cop,right 1 122343&&5 Cisco S,stems- 0nc. All rights reserved. #his document is Cisco Public 0nformation. Page 1A of 31 CCNA )6ploration Networ. %undamentals/ Configuring and #esting 7our Networ. Lab 11.$.1 8asic Cisco 9evice Configuration 1ppen$i2 -; $efault Cisco I!( s&itc, configuration C$rrent con'ig$ration : 1519 bytes / 3ersion 12.1 no ser3ice pad ser3ice ti2esta2ps deb$g $pti2e ser3ice ti2esta2ps !og $pti2e no ser3ice pass"ord9encryption / &ostna2e S"itc& / / ip s$bnet9Gero / / spanning9tree 2ode p3st no spanning9tree opti2iGe bpd$ trans2ission spanning9tree e=tend syste29id / / inter'ace ast,t&ernet0/1 no ip address / inter'ace ast,t&ernet0/2 no ip address / inter'ace ast,t&ernet0/3 no ip address / inter'ace ast,t&ernet0/4 no ip address / inter'ace ast,t&ernet0/5 no ip address / inter'ace ast,t&ernet0/L no ip address / inter'ace ast,t&ernet0/S no ip address / inter'ace ast,t&ernet0/8 no ip address / inter'ace ast,t&ernet0/9 no ip address / inter'ace ast,t&ernet0/10 no ip address / inter'ace ast,t&ernet0/11 no ip address / inter'ace ast,t&ernet0/12 All contents are Cop,right 1 122343&&5 Cisco S,stems- 0nc. All rights reserved. #his document is Cisco Public 0nformation. Page 12 of 31 CCNA )6ploration Networ. %undamentals/ Configuring and #esting 7our Networ. Lab 11.$.1 8asic Cisco 9evice Configuration no ip address / inter'ace ast,t&ernet0/13 no ip address / inter'ace ast,t&ernet0/14 no ip address / inter'ace ast,t&ernet0/15 no ip address / inter'ace ast,t&ernet0/1L no ip address / inter'ace ast,t&ernet0/1S no ip address / inter'ace ast,t&ernet0/18 no ip address / inter'ace ast,t&ernet0/19 no ip address / inter'ace ast,t&ernet0/20 no ip address / inter'ace ast,t&ernet0/21 no ip address / inter'ace ast,t&ernet0/22 no ip address / inter'ace ast,t&ernet0/23 no ip address / inter'ace ast,t&ernet0/24 no ip address / inter'ace Tigabit,t&ernet0/1 no ip address / inter'ace Tigabit,t&ernet0/2 no ip address / inter'ace :!an1 no ip address no ip ro$te9cac&e s&$tdo"n / ip &ttp ser3er / / !ine con 0 !ine 3ty 5 15 / All contents are Cop,right 1 122343&&5 Cisco S,stems- 0nc. All rights reserved. #his document is Cisco Public 0nformation. Page 3& of 31 CCNA )6ploration Networ. %undamentals/ Configuring and #esting 7our Networ. Lab 11.$.1 8asic Cisco 9evice Configuration end
All contents are Cop,right 1 122343&&5 Cisco S,stems- 0nc. All rights reserved. #his document is Cisco Public 0nformation. Page 31 of 31