Computers, Equipment

Cisco Routers: Configuration, Models. network hardware

Cisco routers have long and by right won the confidence of many users. By faith and truth for many years they transmit traffic to various devices between different types of networks. The word "cisco" today has become synonymous with such concepts as quality and reliability. Especially as the Cisco router price is always kept within acceptable limits.

Characteristics of Cisco routers and switches

Currently, various series of Cisco switches and routers are widely used. The series includes several models that differ in a number of characteristics. However, all of them can be divided into the following large groups:

Portable routers. They are designed for small and medium-sized networks.
Devices with an ISR - these Ethernet switches have a very flexible architecture. By installing various applications, you can almost unlimitedly expand their capabilities.
Modular devices. The capabilities of such devices can be expanded through the connection of various modules, so you can flexibly manage the hardware architecture. Recommended for acquisition by small and medium-sized enterprises.

All the devices presented work on the reception and transmission of information packets on the third level of OSI. With their help, you can build networks of very different scale and purpose. Cisco VPN tunnel devices support the following: L2TP, DMVPN, IPsec, GRE and PPTP. Setting up a VPN on a Cisco router will allow data to be transmitted over an encrypted private channel.

The Cisco 2960 series switches also have a number of models, but the common characteristics for them are:

L2 level;
The number of ports supported is 8, 24 or 48;
Power PoE, PoE +;
Support for connection security;
The port speed can be different, depending on the router model - 100 megabit and 1 gigabit;
The possibility of stacking is also available in some models, but not in others.

A feature of Cisco routers is that they are often narrowly specialized. There are no universal models in their line that could serve equally both in an apartment for the formation of a home local network, or in an enterprise or in an office. Each line is responsible for something of its own and has at times a very narrow specialization. So when choosing network equipment from Cisco, this point needs to be taken into account: even the most expensive and advanced router or router can be a useless set of cards and wires in one place and an absolutely indispensable device in another.

Directions for configuring Cisco equipment

The equipment is usually configured in the following ways:

Set up Wi-Fi scalable networks. It is scaled networks that allow you to flexibly react to all the necessary changes and cost a little when reorganizing the network.
Works on setting up Internet telephony on the basis of Cisco. This may mean the arrangement of a local network, either within a single office or enterprise, or more global-that unites several local networks into one at a time. There are options with combining from 350 users to 30,000 with clustering.
Cisco-Configuring Firewall and IPS. This configuration of network security is the most important point in debugging work, which can not be neglected in any case.
Configuring network monitoring tools. It is recommended to use specialized software from Cisco. Thanks to this, there will not be any problems with the compatibility of the software and hardware components, and the administrator can at any time obtain objective information about the operation of the network and react in time to possible problems.
Configure the Cisco VPN. By this means the integration of several local networks into one, including those that are geographically separated by sufficiently large distances. It may also be necessary to connect workstations of individual employees to the company's shared resources.

How to connect a router to a computer

Of course, the network equipment setup begins with connecting it to the computer. The router is connected to the PC using a special console cable. Then, the terminal emulator starts. Since it will need to enter all the commands in the future.

Many routers and routers use the COM port so far to connect to the computer. However, not all modern machines have such a port. In this case, special adapters on USB-COM will help. Depending on the configuration, they can both be supplied with the network equipment, and not be supplied. But it's better to choose a model that already supports the USB connection method.

The port is: 9600/8-N-1. If you want to overload the router with an empty startup configuration, you need to issue the command: enable. This loads the EXEC mode. To start from scratch, type: erase startup-config. And reload the equipment with the command: reload. The question of the operating system about whether to enter the settings window, you need to answer in the negative.

However, all of the above can not be done if there is no need to get an empty config.

General information about the syntax of console commands in Cisco routers and routers

As for Cisco equipment, Windows does not offer the familiar window interface user interface. All commands are entered through the console terminal. And thus it is necessary to adhere to following rules:

If you enter a question mark, Cisco will display a full list of available commands and operands;
The name or keyword needed is recommended to be reduced to the minimum limit;
Editing the command line in the terminal console is acceptable, as it is done on Linux or Unix systems;
If the operator has changed his mind about executing this or that command, he can interrupt her performance by typing NO from the keyboard;
To switch to the access level from 0 (beginner) to 15 (administrator), you need to enter the command: enable Access-level_number.

Enabling SSH

The installation of the router can also begin with the fact that SSH will be assigned to all connections by default. Using SSH, you can send any data from a remote computer through encrypted channels. To enable SSH in Cisco, you need to:

Enable advanced privilege mode with the enable command.
Specify the exact current time.
To start directly configuring the system, you need to issue the command: router # configure terminal.
Then you should specify the domain name, and this is done using the command: router (config) # ip domain name mydomain.ru.
The key for encryption is generated by the command: router (config) # crypto key generate rsa.
To create a new user, you need a command in the console: router (config) # username UserName privilege 11 password 7 my_passwd. Here for the Cisco device it is supposed to be configured with a user of the 11th level, which is not available for absolutely all commands. But you can create a fully privileged user, for this you need to specify the access level is not 11, but the maximum is 15.
Using the commands: router (config) # aaa new-model route (config) # line vty 0 4 the aaa protocol is started and the configuration for the terminal lines is enabled. In this case, from 0 to 4.
Using commands: router (config-line) # transport input ssh router (config-line) # logging synchronous is assigned to SSH as default.
It remains only to exit from all modes, and then save the changes. This is done using the following set of commands: router (config-line) #exit router (config) # exit router # write.

How to configure Cisco ports

To enter the configuration mode for global settings for ports in Cisco, you need to type the following command:

Conf t

Interface fa0 / 2.

You can configure the following Cisco ports:

Access Port. This terminal port is output directly to the client device - modem, router or directly PC, where unattested traffic will arrive. If you dial switchport mode access in the console, the selected port is transferred to the access mode, and all traffic starts to flow through vlan 1. But if you issue the command switchport access vlan 310, the data will go to vlan 310.
Trunk port. This port is recommended to be used if there is a network device on the other end - Ethernet switches, routers, etc. To use this port, you need to register in the console: switchport mode trunk - works on the model 2950. But on 2960 this command is entered somewhat differently:

Switchport mode trunk

Switchport trunk encapsulation dot1q.

If you want to use only some vlan, then in the console you need to enter: switchport trunk alloved vlan 310, 555 - that is, the commas separate the vlan numbers;

Hybrid port. For Cisco ports, the configuration does not work with the hybrid port, however, you can assign a port as a hybrid port if you assign your own nativ vlan to the trunk port. You can see this in the syntax of the following commands in the console:

Switchport mode trunk (creates a trunk port)

Switchport trunk alloved vlan 310,555 (such ports as vlan 310 and 555 are used)

Switchport trunk native vlan 310 (all untagged traffic is transferred to vlan 310, and the rest - to 555).

The process of port configuration was considered on the example of the Cisco 2960 model - one of the most common today. However, for devices of other series, the actions will be similar.

Reset settings

After the settings are reset, the configuration file is cleared, all the fine-tuning will need to be carried out again, and therefore the reset is often considered as an extreme measure.

It is not difficult to execute it. To do this, just connect the router cable to the console and enter the command in the management console: Router # erase startup-config. And then: Reload. The router is reset, after the reboot the config will be absolutely clean.

It is worth noting that resetting Cisco settings is rarely required. However, for one reason or another, it still needs to be done. Also, do not forget, after restoring the settings, to return the value of the register with the command: config-register 0x2102.

How to save the configuration

For any network equipment, including Cisco, tuning is not all. It is still necessary to be able to save what was set up, that is, to keep the changes made.

In Cisco routers, there are two types of save:

In the device's RAM;
In nonvolatile, starting memory.

The first type records all the changes made on the way, but when the equipment is restarted, they are lost, and the boot will occur with the settings from the startup memory. However, Cisco equipment is designed in such a way that it is impossible to directly make changes to the initial configuration. To save all changes to permanent memory, you need to do the following:

Copy the current settings to the startup commands: #copy running-config startup-config.
Copy the current settings to the FTP server with the command: #copy running-config tftp: // server_name.

Third-party programs for Cisco configuration

For Cisco equipment, tuning can be much easier and faster if you use specialized programs for this purpose. However, this is more a matter of taste: the hard-core sysadmins have grown tightly to their console interface, and there are no forces in nature to tear them away from it.

The rest, especially beginners, can be recommended to download some applications that can facilitate the task of configuring Cisco equipment:

First of all, this is a regular Windows tool - the Hyper Terminal program. However, in the latest versions of Windows it is not supplied as standard. To install Hyper Terminal, you need to select "Install Windows Components", then find "Standard and Service Applications" and click on the "Composition" screen button. Next, you need to find the "Link" item and click on "Composition" again and tick the Hyper Terminal program.
Putty is a freeware application for Windows and Linux, it's a pretty good terminal emulator. It is preferred by many system administrators.
Cisco Device Connections Program is a specialized program for setting up and forming Cisco networks, its characteristics are impressive. Accordingly, it has full 100% compatibility with all Cisco equipment. First of all, the Cisco Device Connections Program is positioned as an application adapted for a novice user, who needs to build a small-size network within a small enterprise or home scale.
A good program - an analogue of Putty - in the Linux OS you can read the Minicom package.

Graphical configuration interface

Of course, assigning commands from the terminal is an activity that not every user will like. And third-party programs need to be downloaded, sometimes not for free. However, it is possible to enable the graphical interface directly in the Internet browser. To do this, you will first need to install a special Java module, which you can download from the official Java website. The module is called Jre. In addition, you need an SDM application - it can be installed both on the router itself and on the operating system.

Next, you need to set permissions in the browser to show pop-ups and to start active content.

As soon as the SDM starts, you will need to drive the IP address chosen for the vlan1 port. It is also recommended that you clear the check box next to the HTTPS parameter.

After clicking on the launch button, a dialog box appears where you will be asked to enter the password-login string. If all is entered correctly - the working window of the program SDM, launched directly in the browser, will appear.

Customizing the Linksys model line

If the user has got a router from the Linksys model line, then the task of setting up in the graphical environment is simplified at times. After connecting, it will be enough to type in the address bar of the browser: 192.168.1.1. And after that, the settings window will be loaded in graphical mode.

To start, you must immediately change the password and login, which by default are given as: admin - admin. This is done after going to the Administration tab. In the same tab, you can make a backup backup settings.

Next, go to Wireless - Basic Wireless Setup, in this tab, set the settings to manual (Manual). As a secret key, the serial number of the device itself is usually used.

It remains only to choose the type of Internet connection used and to drive in the corresponding graphs the settings that the provider issues.

Password Security Thinness

In conclusion, it should be noted that many sysadmins do not relate to the secrecy of their passwords with due respect. And completely in vain, because if you limit yourself to the parameter "password" during the creation of the password, then it can be successfully "merged" by snmp and compromise the security of the entire system. Therefore, it is recommended to use the "secret" parameter for the privilege mode. The point is that if you use the "password" parameter, the password will be stored in clear form in the config file, and if you type the "secret" parameter, the password will be encrypted.

In the latter case, the command for setting the encryption password should look something like this: Router (config) #enable secret PASS , where PASS is the given password. This sets the password for working in the extended mode with privileges.

Depending on which Cisco equipment model, the hardware and software parts can be adjusted, but in general the picture looks exactly as described above.

Similar articles

The computer is hanging up, what to do in such a situation.

Computers

Filling the air conditioner with freon: features

Computers

GeForce GT 720M: overview of the video card

Computers

Headphones MDR EX15LP SONY: description, specs, reviews

Computers

Vinyl Sticker On Laptop - It's Stylish And Fashionable!

Computers

Which is better - AMD or Intel for games? Which processor should I choose?

Computers

Trending Now

Motherboard ASUS - quality, time-tested

Computers

Amphibian Cars

Automobiles

Italian artist Masaccio: pictures and biography of the creator

Arts & Entertainment

Deciduous sea dragon - an interesting inhabitant of the underwater world

News and Society

Binary system: arithmetic operations and scope

Computers

Restaurant "Malinovka" (Ekaterinburg): review, menu and testimonials of visitors

Food and drink

Newest

Polovtsev's mansion in St. Petersburg: description, history, interesting facts and reviews

Travels

Schizandra chinese: health benefits

Health

Townhouses in St. Petersburg and the Leningrad region. Photos, reviews

Finance

Onyeroid syndrome: symptoms, treatment. Treatment of onyeroid-catatonic syndrome in schizophrenia

Health

Weevil on a strawberry. Methods of struggle

Homeliness

5 ways how we hurt our parents without realizing it

Home and family