Configuring a Cisco Router

In the previous posts, I have explained how to upload the IOS and create a start up configuration, now we can configure the router which includes naming and setting passwords.


Name the Router: An un-configured router will show the device name as Router> by default; you have to give it a specific name so that it can be identified easily in a network. For this, we enter the Privilege EXEC mode and give it a host name,

Router>
Router>enable
Router#configure terminal
Router(config)#hostname CORE
CORE(config)

Now we have named the Router as ‘CORE’. This is the same way how you name a Cisco Switch.


Password protecting a router: There are three types of password that can be use to control access on a router. The first one is to limit access to the User EXEC mode; the second one is to limit access to the Privileged EXEC mode and the third one to limit access to the router through telnet.

Console Password: The console password would limit access to the User EXEC mode in a router, which means that if someone connects a PC to the router, he won’t be able to get to the User EXEC mode.


CORE>enable
CORE#configure terminal
CORE(config)#line console 0
CORE(config-line)#password 12345
CORE(config-line)#login
CORE(config-line)#exit


It’s important to use the login command because it’s like asking the router to prompt for the password when someone tries to login. Without the login command, the user won’t be asked for a password.


Enable Mode Password: This password control access to the Privileged EXEC mode. So you can give the user a low level access with the console password and a high level access with the enable mode password.
Continuing with the above configuration,


CORE(config)#enable password 121212
CORE(config)#enable secret NETWORK


There are two ways of setting enable password, you can either use the command enable password or enable secret . The difference is that if don’t use enable secret, the password you type in will appear in the running configuration as plain text, but if you use the enable secret command, the password will be encrypted. If you use both the methods like I did in the above configuration, only the encrypted password will be accepted.


Telnet Password: Telnet is used to login to a router remotely. While the two passwords explained above are optional, Telnet won’t work unless and until you set a password for Telnet in your router.


CORE(config)#line vty 0 4
CORE(config-line)#password CISCO
CORE(config-line)#login


Here vty 0 4 refers to 5 virtual terminals, which means that 5 users can connect to your router at the same time.
This is how the configuration would look like,

Now we have to save this configuration in the NVRAM, so that in case you have to reboot the router, the configuration is not erased. For this, you can use ‘Write’ of ‘copy running-config startup-config’. This procedure can be anytime while configuring also.

If you run ‘show run’ command, you can see that only the enable mode password is encrypted, the rest are in plaintext. In order to encrypt the entire password you can run the ‘Service password-encryption’ in the config mode.

Digg ThisAdd To Del.icio.us Add To Furl Add To Reddit Fav This With Technorati Add To Yahoo MyWeb Add To Newsvine Add To Google Bookmarks Add To Bloglines Add To Ask Add To Windows Live Add To Slashdot Stumble This

1 comment:

Unknown said...

Hi,
U explained the basic router cofiguration.Its very nice.Can u expalin how to configure a USERNAME in a router?

Awaiting for ur reply.Thank u.