Router Configuration

conf t First connect the console cable /rollover cable to the router, then open hyperTerminal, type any session name then click to comport and select the comport number and then click on default,then login to the router Firstly you find Router> This prompt,type en And you ill find Router! prompt then type conf t and you ill find Router"config t#! $rompt ,then you can start the configuration, the pass ord cisco then immediately type username %desired user name> pass ord % desired pass ord > username %given pass ord> pass ord %given user name> to change the single time useable username and pass ord follo s as cisco cisco then create an enable secret pass ord by using command enable secret %ne desired pass ord > then press ctrl&' and r then start to copy and pest the configuration remember we do all the configuration under configuire terminal,son always you should login to the global configuration by using conf t command here I am showing a template for configure a cisco router in this case we are assuming the network address on LAN is ()*+,*((-*(.(//0 and AN is()*(0-*/1*.(/-) !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! hostname "disered host name# 2 boot3start3marker boot3end3marker 2 enable secret "new disered password# $er%ice &assword 'ncription 2 no aaa ne 3model 2 no ipv. cef ip source3route ip cef 2

2 2 2 no ip bootp ser%er no ip domain lookup ip domain name nic(in ip name)ser%er *+,(*--(*.(/ ip name)ser%er *+,(*--(/(* ip name)ser%er *+,(*--(*00(1 multilink bundle3name authenticated 2 2 2 license udi pid 45647(1/(/81 sn F9:(+/-/-(; 2 2 username "disered user name# password "disered password# username "gi%en password# password "gi%en user name# 2 2 2 2 2 <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< <Now we are going to configure an interface 2o configure e have rite all the commands under the interface, so have enter to the interface the command hich is used to enter the interface is int %type and specification of the interface> As e going to configure 9igabit=thernet so the command ill be int 9ieth and as e going to configure the 9igabit=thernet )/) so the command ill be int 3ieth-4- 2his interface will be the gateway for the LAN network of that client Router"config t#!int 9ieth)/) Router"config3in#! 6uppose e are going to configure a 9igabit=thernet for the :A> ith a >et ork address ()*+,*((-*(.(//0,so the first 5$ of that net ork address ill be the gate ay so
the 5$ of the gate ay or the router ill be ()*+,*((-*(.///0* >o discuss about that //0 part* This is 45R?"4lassless 5nter ?omain Routing# notation of an 5$* There are total -/ bit is reserved for 5$ and subnet mask as ell,and it is divided in , octave, contains @ bit, by using this numbers e mentioned that from the left there are /0 one"(# in this mask like ((((((((*((((((((*((((((((*((())))) hich is eAual to /++*/++*/++*//, And no e have to calculate the wild card mask for the net ork The calculation of the ild card mask is as follo s /++*/++*/++*/++3%subnet mask> B wild card mask 5n this eCample /++*/++*/++*/++3/++*/++*/++*//,B-(

so the wild card mask of this net ork 5/* And the DA> 5$ of the net ork is ()*(0-*/1*.(/-) 6o the subnet mask for the DA> ill be /++*/++*/++*/+/

<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< < interface 3igabit'thernet-4description LAN interface connected with LAN $witch ip address *-(6,(**/(*+*"LAN I&7*# 166(166(166(11,"LAN mask# ip access)group '28'RN'2)IN&92 in ip access)group '28'RN'2):92&92 out no ip redirects no ip unreachables no ip pro;y)arp duple; auto speed auto no shut 2 e;it 2 interface $erial-4-4description AN Interface connected with NIC Router through 1 <bps Lease Line Circuit bandwidth 1-,= ip address *-(*./(10(+*"wan ip# 166(166(166(161 no ip redirects no ip unreachables no ip pro;y)arp encapsulation ppp no fair)>ueue no shut 2 e;it 2 ip for ard3protocol nd 2 no ip http server no ip http secure3server 2 ip route -(-(-(- -(-(-(- *-(*./(10(+- " an ip )*# 2 ip access)list standard <ANA3'<'N2 permit *-(*./(-(- -(-(166(166 permit *-(*(*+(- -(-(-(166 permit *-(6,(**/(*+*"LAN N'2 :R? I&# -(-(-(/*" ildcard mask# 2

eCit r ip access)list e;tended '28'RN'2)IN&92 deny tcp any any range */6 */0 deny tcp any any e> ,,6 deny tcp any any e> 66, deny tcp any any e> 60/ deny tcp any any e> *1*, deny udp any any e> *1*, deny udp any any e> *,/, deny tcp any any e> 1.,6 deny tcp any any e> 1.6, deny tcp any any e> ,,,, deny tcp any any e> 666, deny tcp any any e> +*10 deny tcp any any e> +/,+ deny udp any any e> +/,+ deny tcp any any e> +/,= deny udp any any e> +/,= deny tcp any any e> +/,0 deny udp any any e> +/,0 deny tcp any any e> +++. deny udp any any e> +==/ deny tcp any any e> +==, deny tcp any any e> ++00 deny udp any any e> tftp deny udp any any e> netbios)dgm deny udp any any e> netbios)ss deny udp any any e> netbios)ns deny ip *1.(-(-(- -(166(166(166 any permit icmp any any permit esp any any permit ahp any any permit ip any any e;it wr ip access)list e;tended '28'RN'2):92&92 deny tcp any any range */6 */0 deny tcp any any e> ,,6 deny tcp any any e> 66, deny tcp any any e> 60/ deny tcp any any e> *1*, deny udp any any e> *1*, deny udp any any e> *,/, deny tcp any any e> 1.,6

deny tcp any any e> 1.6, deny tcp any any e> ,,,, deny tcp any any e> 666, deny tcp any any e> +*10 deny tcp any any e> +/,+ deny udp any any e> +/,+ deny tcp any any e> +/,= deny udp any any e> +/,= deny tcp any any e> +/,0 deny udp any any e> +/,0 deny tcp any any e> +++. deny udp any any e> +==/ deny tcp any any e> +==, deny tcp any any e> ++00 deny udp any any e> tftp deny udp any any e> netbios)dgm deny udp any any e> netbios)ss deny udp any any e> netbios)ns permit icmp any any permit esp any any permit ahp any any permit ip any any eCit r 2 2 snmp)ser%er community nitpuwb R: snmp)ser%er community nodes@nicnet R: snmp)ser%er location NIC iN:C A $BC, ?olkata snmp)ser%er contact Be%ashish Chanda, 2B, NIC iN:C, ?olkata 2 control3plane 2 banner e;ec CC DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD 3o%ernment of India DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD 9nauthorised access to this de%ice or its attached networks is prohibited without e;press written permission( Eiolators will be prosecuted to the fullest e;tent of both ci%ilian and criminal law( DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD ctrl7c 2

eCit r line con ) line auC ) line %ty - , access)class <ANA3'<'N2 in pri%ilege le%el *6 login local transport input telnet line %ty 6 *6 access)class <ANA3'<'N2 in pri%ilege le%el *6 login local transport input ssh 2 scheduler allocate /)))) ())) ntp ser%er *+,(*--(166(* end

$witch Configuration
conf t First connect the console cable /rollover cable to the manageable s itch, then open hyperTerminal , type en then type the pass ord cisco then immediately type username %desired user name> pass ord % desired pass ord > username %given pass ord> pass ord %given user name> enable secret %ne desired pass ord > then press ctrl&' and r then start to copy and pest the configuration R=6T 7F A:: 6T=$6 AR= :58= 6A;= A6 R7ET=R Esing (01, out of .++-. bytes 2 version (/*/ no service pad service timestamps debug datetime msec service timestamps log datetime msec no service pass ord3encryption 2 hostname "router host name!$witch#

2 boot3start3marker boot3end3marker 2 enable secret "new disered password# 2 username "disered user name# password "disered password# username "gi%en password# password "gi%en user name# no aaa ne 3model system mtu routing (+)) ip subnet3'ero 2 2 2 2 crypto pki trustpoint T$3self3signed3((+/+@./, enrollment selfsigned subFect3name cnB57636elf36igned34ertificate3((+/+@./, revocation3check none rsakeypair T$3self3signed3((+/+@./, 2 2 crypto pki certificate chain T$3self3signed3((+/+@./, certificate self3signed )( nvramG57636elf36ig!-,-,*cer 2 2 2 2 2 spanning3tree mode pvst spanning3tree eCtend system3id 2 vlan internal allocation policy ascending 2 2 2 interface Fast=thernet)/( 2 interface Fast=thernet)// 2 interface Fast=thernet)/2 interface Fast=thernet)/, 2 interface Fast=thernet)/+ 2

interface Fast=thernet)/. 2 interface Fast=thernet)/0 2 interface Fast=thernet)/@ 2 interface Fast=thernet)/1 2 interface Fast=thernet)/() 2 interface Fast=thernet)/(( 2 interface Fast=thernet)/(/ 2 interface Fast=thernet)/(2 interface Fast=thernet)/(, 2 interface Fast=thernet)/(+ 2 interface Fast=thernet)/(. 2 interface Fast=thernet)/(0 2 interface Fast=thernet)/(@ 2 interface Fast=thernet)/(1 2 interface Fast=thernet)//) 2 interface Fast=thernet)//( 2 interface Fast=thernet)/// 2 interface Fast=thernet)//2 interface Fast=thernet)//, 2 interface 9igabit=thernet)/( 2 interface 9igabit=thernet)// 2 interface Elan* ip address *-(6,(**/(*+1"FLAN N'2 166(166(166("subnet mask# no ip route3cache

:R? ABBR'$$ I& 71G:R Router I&7*#

no shut 2 ip default)gateway *-(6,(**/(*+*"Router LAN I&# ip http server ip http secure3server 2 control3plane 2 2 line con ) line %ty - , login local transport input telnet 2 end HHHHHHHHHHHHHHHHHHHHHHI!J2I!JJI!I!+/----------HHHHHHHHHHHHHHHHHHHHHH

Conf t Int gi-4Int se -4-4-

After configuire the router and s itch $h in%ent $h %er