1 / 85

Basic IOS

Basic IOS. CIS 82 Rick Graziani Cabrillo College Spring 2007. Accessing the Switch and Router. Directly using the console port No configuration needed on the router Telnet – over the network Network connection Network configuration on both ends (IP address, subnet mask, etc.)

varen
Télécharger la présentation

Basic IOS

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Basic IOS CIS 82 Rick Graziani Cabrillo College Spring 2007

  2. Accessing the Switch and Router • Directly using the console port • No configuration needed on the router • Telnet – over the network • Network connection • Network configuration on both ends (IP address, subnet mask, etc.) • Telnet password configured on router • Modem – We won’t do this! Rick Graziani graziani@cabrillo.edu

  3. Accessing the router and switch directly • The console port on the router allows you to connect a “dumb” terminal or a computer with terminal emulator software directly. • No IP addressing or other configurations needed on the router. • Used for: • Configuring a device that has never been configured. • Configuring a device directly, because you are physically located where the device is. • Troubleshooting a device that you can no longer access remotely. • Performing password recovery. Rick Graziani graziani@cabrillo.edu

  4. Console Port on 2950 Switch Rick Graziani graziani@cabrillo.edu

  5. Management port – Console Port connection Rick Graziani graziani@cabrillo.edu

  6. Serial Port Rick Graziani graziani@cabrillo.edu

  7. FYI Only! This is for connecting using a modem. Urrrg! Management port – AUX port connection Rick Graziani graziani@cabrillo.edu

  8. Connecting console interfaces When connected using the console interface, the computer is acting as a “dumb terminal”. <Router Output> Rick Graziani graziani@cabrillo.edu

  9. Terminal Emulators • HyperTerminal: Comes with Windows • Teraterm: Free download (recommended) • Settings: • 9600 Baud • 8 Data Bits • 1 Stop Bit • No Parity Rick Graziani graziani@cabrillo.edu

  10. Using HyperTerminal Settings Match serial port on PC Rick Graziani graziani@cabrillo.edu

  11. Teraterm Rick Graziani graziani@cabrillo.edu

  12. Connecting console interfaces <Router Output> Rick Graziani graziani@cabrillo.edu

  13. Booting up the Switch and the Router

  14. Power-up the router (and switch) – No configuration If the routers do not have a saved configuration. After several lines of information on the screen you should eventually see: Would you like to enter the initial configuration dialog? [yes/no]: n • Always answer “n” fo no. • We will never be using setup mode. • If you accidentally press “y” and enter Setup Mode, press and hold down the control key and press C (CTRL-C). • Wait a few seconds, and then press Enter. On some routers you may see the following message. Would you like to terminate autoinstall? [yes/no]: y <There will be several lines of output> Router> Rick Graziani graziani@cabrillo.edu

  15. Power-up the router (and switch) – Has Configuration The router has a pre-existing configuration. If after you power-up the router, instead of getting the previous message, you get: Router> • Someone has saved a configuration on the router (startup-config). • Because it is always best to begin our labs without a previous router configuration, you will need to erase the startup-config and reboot the router. Router> enable If you are prompted for a password type: class or if that does not work, type cisco Router# erase startup-config Turn off the router and then turn it back on. Rick Graziani graziani@cabrillo.edu

  16. User Mode and Privilege Mode, Getting Help, and Abbreviated Commands

  17. User Mode (Router and Switch) Router> Switch> • User mode will allow you to view the state of the router, but will not allow you to modify its configuration. • Don’t confuse “user” mode with users of the network. • This is only for network techs, operators, engineers, etc. Rick Graziani graziani@cabrillo.edu

  18. Privilege Mode (Router and Switch) Router> enable <user mode> Router# <privilege mode> Router# disable <privilege mode> Router> enable <user mode> Router# <privilege mode> • Allows the administrator to modify the router configuration Rick Graziani graziani@cabrillo.edu

  19. Getting Help (Router and Switch) Router> ? Exec commands: access-enable Create a temporary Access-List entry access-profile Apply user-profile to interface clear Reset functions <text omitted> ping Send echo messages ppp Start IETF Point-to-Point Protocol (PPP) --More-- • Press the Space Bar to scroll a “screen’s worth” of more commands. • Press the Enter or Return key to scroll down just one line of the list. • Press any other key to halt the list output. Rick Graziani graziani@cabrillo.edu

  20. Getting Help (Router and Switch) Router> show ? alps Alps information backup Backup status c2600 Show c2600 information call Show call cca CCA information ccm-manager Call Manager Application information cdapi CDAPI information cef Cisco Express Forwarding class-map Show QoS Class Map clock Display the system clock <text omitted> --More— Router> show • Starts you off where you finished. Rick Graziani graziani@cabrillo.edu

  21. Getting Help (Router and Switch) Router> show interfaces ? Async Async interface BRI ISDN Basic Rate Interface BVI Bridge-Group Virtual Interface <text omitted> Router> show interfaces • Starts you off where you finished. Rick Graziani graziani@cabrillo.edu

  22. Abbreviated commands (Router and Switch) Router# sh inter Same as Router# show interfaces Rick Graziani graziani@cabrillo.edu

  23. Global Configuration Modeand Passwords

  24. Using exit, end and Control-Z end exit Rick Graziani graziani@cabrillo.edu

  25. Router>ena Router#configure terminal <Must be in privileged mode> Enter configuration commands, one per line. End with CNTL/Z. Router(config)#? Configure commands: access-list Add an access list entry <text omitted> Router(config)#exit 00:03:20: %SYS-5-CONFIG_I: Configured from console by con Router#config t Enter configuration commands, one per line. End with CNTL/Z. Router(config)#exit 00:03:34: %SYS-5-CONFIG_I: Configured from console by console Router# Rick Graziani graziani@cabrillo.edu

  26. Hostname Router#config t Router(config)#hostname R1 R1(config)# • Changes the name, the prompt on the router. • Very important to do early on so you don’t get confused about which router you are configuring. Rick Graziani graziani@cabrillo.edu

  27. Passwords • There are only two passwords we will use in our classes, they are cisco and class. (both lowercase). • Of course this is something you would not do in a production network, but so we do not have to do password recovery on equipment and to make it easier for everyone, we will use only these two passwords. • Console = cisco • VTY = cisco • Priviledge = class Rick Graziani graziani@cabrillo.edu

  28. Console password = cisco Router#conf t R1(config)#line console 0 R1(config-line)#password cisco R1(config-line)#login R1(config-line)#exit R1(config)# • The console password requires someone to enter a password before accessing the router using the console port. Rick Graziani graziani@cabrillo.edu

  29. VTY password = cisco R1(config)#line vty 0 4 R1(config-line)#password cisco R1(config-line)#login R1(config-line)#exit R1(config)# • The vty password requires someone to enter a password before accessing the router remotely using telnet. Rick Graziani graziani@cabrillo.edu

  30. Privilege password = class R1(config)#enable secret class R1(config)#end Test it: R1#disable R1>enable Password:class R1# • The privilege mode password requires someone to enter a password when entering privilege mode with the enable command. Rick Graziani graziani@cabrillo.edu

  31. Configuring router passwords Not recommended, clear text Encrypts the passwords above, but… Use this command instead, password is encryped Router(config)#enable secret <password> Rick Graziani graziani@cabrillo.edu

  32. service password-encryption command WARNING • service password-encryption uses a Cisco Level 7 encryption which is very easy to decrypt. • For the GetPass! software www.boson.com • However, the enable secret <password> uses a stronger encryption method and cannot be easily hacked. Rick Graziani graziani@cabrillo.edu

  33. enable secret <password> command • More later! Doesn’t work for enable secret! Rick Graziani graziani@cabrillo.edu

  34. Viewing, Saving and Erasing the Configurations

  35. running-config Router#show running-config Current configuration : 542 bytes ! version 12.2 ! interface FastEthernet0/0 no ip address shutdown duplex auto speed auto ! interface Serial0/0 no ip address shutdown ! line con 0 line aux 0 line vty 0 4 ! end Router# • The running-config file is the configuration in RAM memory. • All changes are made to the running-config file. • This is the configuration that the router is currently using. • The running-config is lost when the router loses power or reloads. • Privilege mode command. Rick Graziani graziani@cabrillo.edu

  36. startup-config Router#show startup-config startup-config is not present Router# • The startup-config file is the saved configuration in NVRAM. • If there is a startup-config file in NVRAM when the router boots up, this file will be copied into running-config. • The running-config is what the router will use. • Privilege mode command. Rick Graziani graziani@cabrillo.edu

  37. Copy running-config to startup-config Router#copy running-config startup-config Destination filename [startup-config]? <Press Enter> Building configuration... [OK] Router#show startup-config Current configuration : 542 bytes ! version 12.2 ! interface FastEthernet0/0 <text omitted> • The running-config should be periodically saved to startup-config when you are satisfied with your changes and you do not want to lose them. (Lab) • Production network, startup-config should always match running-config in case of power failure, etc. • Privilege mode command. Rick Graziani graziani@cabrillo.edu

  38. Erase startup-config Router#erase startup-config Erasing the nvram filesystem will remove all files! Continue? [confirm] <Press Enter> [OK] Erase of nvram: complete Router# • When you are done with the routers in the lab, please be sure to erase the startup-config. • If you are starting a lab, and you do not get the message: Would you like to enter the initial configuration dialog? [yes/no]: • You will need to erase the startup-config and reboot. • Privilege mode command. Rick Graziani graziani@cabrillo.edu

  39. copy running-config startup-config Router# copy running-config startup-config Or Router# copy running startup OR Router# copy run start OR Any usage of the command or parameters, so that they are still uniquely recognizable. Rick Graziani graziani@cabrillo.edu

  40. copy running-config startup-config WARNING • Using an incorrect configuration file name could overwrite the router’s IOS in flash, as the router believes you are trying to copy a blank file into flash. Router#copy running-config start-up **** NOTICE **** Flash load helper v1.0 This process will accept the copy options and then terminate the current system image to use the ROM based image for the copy. Routing functionality will not be available during that time. If you are logged in via telnet, this connection will terminate. Users with console access can see the results of the copy operation. ---- ******** ---- Proceed? [confirm]^C %Copy cancelled by user request. Router# Incorrect file name! Press <control> C Rick Graziani graziani@cabrillo.edu

  41. Executing adds, moves, and changes running-config startup-config IOS Bootup program IOS (running) ios (partial) Rick Graziani graziani@cabrillo.edu

  42. copy running-config startup-config • Changes to the router are automatically put in the running-config file. • If the router loses power or reboots, everything in RAM is lost including the running-config file. • To make sure the changes to the router’s configuration remain saved, you must copy the running-config from RAM into the startup-config into NVRAM: Router# copy running-config startup-config During bootup running-config RAM startup-config Router# copy running-config startup-config Rick Graziani graziani@cabrillo.edu

  43. reload Router#erase startup-config Rick Graziani graziani@cabrillo.edu

  44. Managing Console Input Router(config)#line console 0 Router(config-line)#logging synchronous Router(config-line)#exec-timeout 0 0 Router(config-line)#exit Router(config)#no ip domain-lookup Rick Graziani graziani@cabrillo.edu

  45. The Router

  46. Router is a computer • “The ARPANET went into labor on August 30, 1969, when BBN delivered the first Interface Message Processor (IMP) to Leonard Kleinrock's Network Measurements Center at UCLA. The IMP was built from a Honeywell DDP 516 computer with 12K of memory, designed to handle the ARPANET network interface. In a famous piece of Internet lore, on the side of the crate, a hardware designer at BBN named Ben Barker had written "Do it to it, Truett", in tribute to the BBN engineer Truett Thach who traveled with the computer to UCLA on the plane.” • www.livinginternet.com/i/ii_arpanet.htm Rick Graziani graziani@cabrillo.edu

  47. Router internal components • CPU • RAM • Flash • NVRAM • Buses • ROM • Interfaces • Power Supply Rick Graziani graziani@cabrillo.edu

  48. Router physical characteristics Rick Graziani graziani@cabrillo.edu

  49. Router external connections Rick Graziani graziani@cabrillo.edu

  50. Connecting LAN interfaces Rick Graziani graziani@cabrillo.edu

More Related