Worked Example

Router Configuration – Worked Example

In this section, we will be configuring a router with a basic configuration that will allow the router to connect to a simple network topology.

Once the router has been configured we will then monitor the router and the network to ensure correct operation

Lets have a look at the network that we will configure.

image024

 

The router in this exercise is shown as being a 2621.  However any router that has two Ethernet ports will work.

The first stage in this is to physically cable the network.  The cable going from PC0 directly is a console cable. All other cables shown are Ethernet straight through cables.

Once the physical connections are made, then start your terminal emulation software on the PC.

You should see the user Exec prompt Router>

The first thing to do is to change the hostname on the router so it matches the diagram above.

To do this type Router>enable

You are then elevated to Priviliged Exec mode, from here type Config Terminal to enter Global Configuration mode.

Your prompt should have changed to Router(config)#

Now at this prompt type Router(config)#Hostname Central

This will change the router name to Central and your prompt will now look like

Central(config)#

This allows you to easily identify routers in a large network.

Now we want to issue IP addresses to the routers Ethernet ports.

We can see that FA0/0 (short for FastEthernet 0/0) is to be given an IP Address of 10.0.0.1 with a CIDR of 8 bits which equates to a subnet mask of 255.0.0.0.

To program this we must first go to that interface

To do this type Central(config)#Interface FastEthernet0/0 and press return

You are now in the interface sub mode Central(config-if)#

In this mode type the following commands

Central(config-if)#ip address 10.0.0.1 255.0.0.0

Central(config-if)#no shutdown

The no shutdown brings the port up, remember they are administratively shutdown by default for security reasons.

You may receive a message telling you that the interface is now up.

Now exit back to global config mode by typing exit

Issue the following commands to configure the other interface;
Central(config)#Interface FastEthernet0/1

Central(config-if)#ip address 192.168.0.1 255.255.255.0
Central(config-if)#no shutdown
Now exit back to global configuration mode. (type exit)

We now require to secure the router. You should password protect the router to prevent unauthorised access and malicious misconfiguration.

We will first secure the console port, to do this we will issue 3 commands;
Central(config)#line console 0
Central(config-line)#password cisco
Central(config-line)#login

The first command sets the configuration for the line console, the next line sets the password to be cisco, the 3rd command sets password to be used for login.

We will now password protect the Privileged Exec mode.  To do this we issue the command Central(config)#enable secret class

This sets an enable password of class that is stored on the router in an encrypted format.

We also would like to setup telnet access to allow administrators to monitor and configure the router remotely.

To do this we issue the following commands

Central(config)#line vty 0 15
Central(config-line)#password cisco
Central(config-line)#login

Line VTY 0 15 are the 16 separate lines that are available for telnet access.  We are giving them the same password.
The password is set as cisco and the login sets the login to be available for use.

If you exit back to privileged mode, we will save the configuration to NVRAM in the startup-config file as currently the configuration is only stored in RAM (the running-config) and would be lost if the router were turned off.

To do this – issue Central(config)#copy running-config startup-config

This command copies the running configuration in RAM to the startup configuration in NVRAM.

(Similar to many cisco commands the command takes the form copy FROM TO.)

Finally we will configure a routing protocol.  This router is on its own and therefore has no other routers to send its information to – however this network could be expanded and this information will be required.

For a small network RIP is easy to configure and will work well.  For larger networks you may wish to consider EIGRP or OSPF.
We will configure RIP version 2 as follows;

From the Global Configuration mode type the following commands

Central(config)#Router Rip

The prompt will change to Central(config-router)#

Central(config-router)#version 2

Central(config-router)#Network 10.0.0.0

Central(config-router)#Network 192.168.0.0

The above series of commands sets up RIP version 2 as the routing protocol which is set to advertise the two networks 10.0.0.0 and 192.168.0.0.  If other routers were part of this network they would receive information from this router about these networks.

From the Privileged Exec mode enter the command Central(config)# show running-config (you can type show run for short – Cisco IOS has many short commands that are recognised)

Your config should look similar to this

 show run
Building configuration…
Current configuration : 567 bytes
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Central
!
enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1
!
interface FastEthernet0/0
 ip address 10.0.0.1 255.0.0.0
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 192.168.0.1 255.255.255.0
 duplex auto
 speed auto
!
router rip
 version 2
 network 10.0.0.0
 network 192.168.0.0
!
ip classless
!
line con 0
 password cisco
 login
!
line aux 0
!
line vty 0 4
 password cisco
 login
!
end

Now you can configure your hosts with IP addresses

PC0 should have the following information entered

IP Address 10.0.0.2

Subnet Mask 255.0.0.0

Default Gateway 10.0.0.1

 

PC1 should have the following information entered
IP Address 192.168.0.2

Subnet Mask 255.255.255.0

Default Gateway 192.168.0.1

 

You are now ready to test your network.

Assuming you are using a windows machine, on PC0 hit start, then type cmd

The command prompt should open. Type ping 192.168.0.1

image025

You should get a successful reply as above.

If you do not get a successful result.  Check all cabling first, the check all setting are correct and try again.
Ask your lecturer for help if you cannot resolve the problem.

Next – Show Commands