
Cisco configuration elements

This overview provides crucial elements necessary for configuring Cisco routers and switches to ensure effective network management. Key components include setting the hostname, enabling SSH for secure access, configuring DNS for domain name resolution, synchronizing time with NTP, monitoring with Syslog, and managing SNMP for network information. The document outlines basic configuration steps and best practices, applicable not only to Cisco devices but also to other network equipment. A well-configured network is vital for achieving reliable performance and security.

decker

Presentation Transcript


  1. APRICOT 2008 Network Management Taipei, Taiwan February 20-24, 2008 Cisco configuration elements

  2. Overview • Basic things that we need to make sure are configured on a Cisco router (and switch) to do proper network management • These apply to other network equipment manufacturers of course, and to servers and workstations

  3. Elements
     • Hostname: hostname of the device
     • SSH: enable secure shell
     • DNS: domain name lookup
     • NTP: time synchronization
     • Syslog: syslog messages
     • SNMP: SNMP configuration
     • SNMP traps and where to send traps
     • CDP: Cisco discovery protocol

  4. Hostname
     • Use the FQDN preferably.
     • In config mode:
         hostname gw|sw-XYZ[.domain.name]

  5. DNS configuration
     • Config mode:
         ip domain-name mgmt.conference.apricot.net
         ip name-server 169.223.2.2

  6. NTP + time configuration
     • In config mode:
         ntp server pool.ntp.org
         clock timezone CWT 8
     • If needed:
         clock summer-time XXX recurring last Sun Mar 2:00 last Sun Oct 3:00
     • Verify:
         show clock

  7. SSH
     • Only crypto versions of IOS/CatOS support SSH; there are export restrictions...
     • In config mode:
         aaa new-model
         crypto key generate rsa
         username inst secret 0 xxxxxxxxx
     • The above is required before SSH can be enabled. Verify key creation with:
         sh crypto key mypubkey rsa
     • Use at least 768 bits

  8. SSH (2)
     • Enforce ssh (disabling telnet) on vty lines:
         host# conf t
         host(config)# line vty 0 4
         host(config-line)# transport input ssh
         host(config-line)# ^Z
         host#
     • SSH is now enabled, and telnet disabled

  9. Syslog
     • In config mode:
         logging noc.mgmt.conference.apricot.net
         logging facility local5
         logging trap debugging

  10. SNMP
     • In config mode:
         snmp-server community xxxxxxxxx RW
         snmp-server community apric0t08 RO
         snmp-server location Taipei, room 403
         snmp-server enable traps config
         snmp-server enable traps envmon
         snmp-server enable traps syslog
         snmp-server host xxx    (see Cisco doc)

  11. CDP
     • Cisco Discovery Protocol
     • Normally enabled by default nowadays
     • Otherwise, enabled with "cdp enable"
     • tcpdump and tools like cdpr will show you CDP announcements
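
One way to check a saved configuration against the elements on these slides. This is an added example, not part of the presentation and not a Cisco tool: the function names, the regular expressions and the sample configuration are constructed for illustration, and the script assumes a plain-text IOS configuration where sub-commands are indented under their `line vty` header.

```python
import re

# One regex per element from the slides (constructed patterns, not a Cisco tool).
CHECKS = {
    "hostname": r"^hostname \S+",
    "dns domain": r"^ip domain-name \S+",
    "dns server": r"^ip name-server \S+",
    "ntp server": r"^ntp server \S+",
    "syslog host": r"^logging (?:host )?(?!on$|console|buffered|monitor)\S+$",
    "snmp community": r"^snmp-server community \S+ (?:RO|RW)",
    "snmp trap host": r"^snmp-server host \S+",
}

def vty_transports(config):
    """Map each 'line vty' header to its 'transport input' protocol list."""
    result, current = {}, None
    for line in config.splitlines():
        if line.startswith("line vty"):
            current = line.strip()
            result[current] = None  # None: no explicit 'transport input' line
        elif current and line.startswith(" "):
            m = re.match(r"\s+transport input (.+)", line)
            if m:
                result[current] = m.group(1).split()
        else:
            current = None
    return result

def audit(config):
    """Return findings: missing elements and vty lines not limited to SSH."""
    findings = [f"missing: {name}" for name, rx in CHECKS.items()
                if not re.search(rx, config, re.M)]
    for header, protos in vty_transports(config).items():
        if protos != ["ssh"]:
            findings.append(f"{header}: transport input {protos}, want ssh only")
    return findings

SAMPLE = """\
hostname gw-XYZ
ip domain-name mgmt.conference.apricot.net
ntp server pool.ntp.org
logging facility local5
snmp-server community xxxxxxxxx RO
line vty 0 4
 transport input telnet ssh
"""  # constructed sample config, not from the presentation

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
```

The RSA key from slide 7 is not checked because `crypto key generate rsa` is an exec-style command and does not appear in the saved configuration; use `sh crypto key mypubkey rsa` on the device for that.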
