ICS26014 Module10
ICS26014 Module10
Module Objectives
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3
INSTITUTE
COLLEGE OF INFORMATION
OF INFORMATION AND AND COMPUTING
COMPUTING SCIENCES
SCIENCES
Configure Initial Router Settings
Basic Router Configuration Steps
Router(config)# hostname hostname
• Configure the device name.
Router(config)# enable secret password
• Secure privileged EXEC mode.
Router(config)# line console 0
• Secure user EXEC mode. Router(config-line)# password password
Router(config-line)# login
• Secure remote Telnet / SSH
access. Router(config)# line vty 0 4
Router(config-line)# password password
• Encrypt all plaintext passwords. Router(config-line)# login
Router(config-line)# transport input {ssh | telnet}
• Provide legal notification and
Router(config)# service password encryption
save the configuration.
Router(config)# banner motd # message #
Router(config)# end
Router# copy running-config startup-config
INSTITUTE
COLLEGE OF INFORMATION
OF INFORMATION AND AND COMPUTING
COMPUTING SCIENCES
SCIENCES
Configure Initial Router Settings
Basic Router Configuration Example
R1(config)# hostname R1
• Commands for basic router R1(config)# enable secret class
configuration on R1. R1(config)# line console 0
R1(config-line)# password cisco
• Configuration is saved to R1(config-line)# login
NVRAM. R1(config-line)# line vty 0 4
R1(config-line)# password cisco
R1(config-line)# login
R1(config-line)# transport input ssh telnet
R1(config-line)# exit
R1(config)# service password encryption
R1(config)# banner motd #
Enter TEXT message. End with a new line and the #
***********************************************
WARNING: Unauthorized access is prohibited!
**********************************************
R1(config)# exit
R1# copy running-config startup-config
10.2 Configure Interfaces
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6
INSTITUTE
COLLEGE OF INFORMATION
OF INFORMATION AND AND COMPUTING
COMPUTING SCIENCES
SCIENCES
Configure Interfaces
Configure Router Interfaces
Configuring a router interface includes issuing the following commands:
Commands Description
show ip interface brief Displays all interfaces, their IP addresses, and their
show ipv6 interface brief current status.
show ip route Displays the contents of the IP routing tables stored in
show ipv6 route RAM.
show interfaces Displays statistics for all interfaces on the device. Only
displays the IPv4 addressing information.
show ip interfaces Displays the IPv4 statistics for all interfaces on a router.
show ipv6 interfaces Displays the IPv6 statistics for all interfaces on a router.
INSTITUTE
COLLEGE OF INFORMATION
OF INFORMATION AND AND COMPUTING
COMPUTING SCIENCES
SCIENCES
Configure Interfaces
Configure Verification Commands (Cont.)
View status of all interfaces with the show ip interface brief and show ipv6 interface
brief commands, shown here:
<output omitted>
R1#
INSTITUTE
COLLEGE OF INFORMATION
OF INFORMATION AND AND COMPUTING
COMPUTING SCIENCES
SCIENCES
Configure Interfaces
Configure Verification Commands (Cont.)
R1# show ip interface g0/0/0
GigabitEthernet0/0/0 is up, line protocol is up
Display IPv4 statistics for Internet address is 192.168.10.1/24
Broadcast address is 255.255.255.255
router interfaces with the Address determined by setup command
MTU is 1500 bytes
show ip interface Helper address is not set
command, as shown here: Directed broadcast forwarding is disabled
Outgoing Common access list is not set
Outgoing access list is not set
Inbound Common access list is not set
Inbound access list is not set
Proxy ARP is enabled
Local Proxy ARP is disabled
Security level is default
Split horizon is enabled
ICMP redirects are always sent
ICMP unreachables are always sent
ICMP mask replies are never sent
IP fast switching is enabled
IP Flow switching is disabled
<output omitted>
R1#
INSTITUTE
COLLEGE OF INFORMATION
OF INFORMATION AND AND COMPUTING
COMPUTING SCIENCES
SCIENCES
Configure Interfaces
Configure Verification Commands (Cont.)
R1# show ipv6 interface g0/0/0
Display IPv6 statistics for GigabitEthernet0/0/0 is up, line protocol is up
router interfaces with the IPv6 is enabled, link-local address is
FE80::868A:8DFF:FE44:49B0
show ipv6 interface No Virtual link-local address(es):
command shown here: Description: Link to LAN
Global unicast address(es):
2001:DB8:ACAD:10::1, subnet is 2001:DB8:ACAD:10::/64
Joined group address(es):
FF02::1
FF02::1:FF00:1
FF02::1:FF44:49B0
MTU is 1500 bytes
ICMP error messages limited to one every 100 milliseconds
ICMP redirects are enabled
ICMP unreachables are sent
ND DAD is enabled, number of DAD attempts: 1
ND reachable time is 30000 milliseconds (using 30000)
ND NS retransmit interval is 1000 milliseconds
R1#
10.3 Configure the Default Gateway
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 17
INSTITUTE
COLLEGE OF INFORMATION
OF INFORMATION AND AND COMPUTING
COMPUTING SCIENCES
SCIENCES
Configure the Default Gateway
Default Gateway on a Host
• The default gateway is used
when a host sends a packet to a
device on another network.
• The default gateway address is
generally the router interface
address attached to the local
network of the host.
• To reach PC3, PC1 addresses a
packet with the IPv4 address of
PC3, but forwards the packet to
its default gateway, the G0/0/0
interface of R1.
Note: The IP address of the host and the router
interface must be in the same network.
INSTITUTE
COLLEGE OF INFORMATION
OF INFORMATION AND AND COMPUTING
COMPUTING SCIENCES
SCIENCES
Configure the Default Gateway
Default Gateway on a Switch
• A switch must have a default
gateway address configured to
remotely manage the switch from
another network.
• To configure an IPv4 default
gateway on a switch, use the ip
default-gateway ip-address
global configuration command.
10.4 Module Practice and Quiz
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 20
INSTITUTE
COLLEGE OF INFORMATION
OF INFORMATION AND AND COMPUTING
COMPUTING SCIENCES
SCIENCES
Module Practice and Quiz
What did I learn in this module?
• The tasks that should be completed when configuring initial settings on a router.
• Configure the device name.
• Secure privileged EXEC mode.
• Secure user EXEC mode.
• Secure remote Telnet / SSH access.
• Secure all passwords in the config file.
• Provide legal notification.
• Save the configuration.
• For routers to be reachable, the router interfaces must be configured.
• Using the no shutdown command activates the interface. The interface must also be
connected to another device, such as a switch or a router, for the physical layer to be
active. There are several commands that can be used to verify interface configuration
including the show ip interface brief and show ipv6 interface brief, the show ip route
and show ipv6 route, as well as show interfaces, show ip interface and show ipv6
interface.
INSTITUTE
COLLEGE OF INFORMATION
OF INFORMATION AND AND COMPUTING
COMPUTING SCIENCES
SCIENCES
Module Practice and Quiz
What did I learn in this module (Cont.)?
• For an end device to reach other networks, a default gateway must be configured.
• The IP address of the host device and the router interface address must be in
Let’s play