Module 10: Basic Router Configuration
10.1 Configure Initial Router Settings
Basic Router Configuration Steps:
Configure the device name using the
hostname hostnamecommand in global configuration mode.Secure privileged EXEC mode using the
enable secret passwordcommand in global configuration mode. This sets an encrypted password for accessing privileged mode.Secure user EXEC mode by configuring a password on the console line. This involves the following commands:
line console 0to enter line configuration mode for the console.password passwordto set the password.loginto require a password for console access.
Secure remote Telnet/SSH access by configuring a password on the VTY (Virtual Terminal) lines:
line vty 0 4to enter line configuration mode for VTY lines 0 through 4.password passwordto set the password.loginto require a password for VTY access.transport input {ssh | telnet}to specify the allowed transport protocols (SSH or Telnet).
Encrypt all plaintext passwords using the
service password-encryptioncommand in global configuration mode. This encrypts all passwords in the configuration file.Provide a legal notification banner using the
banner motd # message #command in global configuration mode. Replacemessagewith the banner text, delimited by the#character. This displays a message to users before they log in.Save the configuration using the
copy running-config startup-configcommand in privileged EXEC mode. This saves the current running configuration to NVRAM (Non-Volatile RAM) so it is retained after a reboot.
Basic Router Configuration Example:
Commands for basic router configuration on R1:
R1(config)# hostname R1- Sets the hostname of the router to R1.R1(config)# enable secret class- Sets the encrypted password for privileged EXEC mode to "class".R1(config)# line console 0R1(config-line)# password cisco- Sets the console password to "cisco".R1(config-line)# login- Requires a password for console access.R1(config-line)# line vty 0 4R1(config-line)# password cisco- Sets the VTY password to "cisco".R1(config-line)# login- Requires a password for VTY access.R1(config-line)# transport input ssh telnet- Specifies that only SSH and Telnet are allowed for VTY access.R1(config-line)# exit- Exits line configuration mode.R1(config)# service password-encryption- Enables password encryption.`R1(config)# banner motd # Enter TEXT message. End with a new line and the #
WARNING: Unauthorized access is prohibited!
****- Sets the Message of the Day (MOTD) banner. *R1(config)# exit- Exits global configuration mode. *R1# copy running-config startup-config` - Saves the configuration to NVRAM.
10.2 Configure Interfaces
Configuring Router Interfaces:
To configure a router interface, use the following commands:
Router(config)# interface type-and-number- Specifies the interface to configure (e.g.,interface GigabitEthernet0/0/0).Router(config-if)# description description-text- Adds a description to the interface for documentation purposes.Router(config-if)# ip address ipv4-address subnet-mask- Configures the IPv4 address and subnet mask for the interface.Router(config-if)# ipv6 address ipv6-address/prefix-length- Configures the IPv6 address and prefix length for the interface.Router(config-if)# no shutdown- Activates the interface.
It's a good practice to use the
descriptioncommand to add information about the network connected to the interface.The
no shutdowncommand activates the interface.
Configure Router Interfaces Example:
The commands to configure interface G0/0/0 on R1 are:
R1(config)# interface gigabitEthernet 0/0/0R1(config-if)# description Link to LANR1(config-if)# ip address 192.168.10.1 255.255.255.0R1(config-if)# ipv6 address 2001:db8:acad:10::1/64R1(config-if)# no shutdownR1(config-if)# exit
The commands to configure interface G0/0/1 on R1 are:
R1(config)# interface gigabitEthernet 0/0/1R1(config-if)# description Link to R2R1(config-if)# ip address 209.165.200.225 255.255.255.252R1(config-if)# ipv6 address 2001:db8:feed:224::1/64R1(config-if)# no shutdownR1(config-if)# exit
Verify Interface Configuration:
To verify interface configuration, use the
show ip interface briefandshow ipv6 interface briefcommands.show ip interface brief- Displays all interfaces, their IP addresses, and their current status.show ipv6 interface brief- Displays all interfaces, their IPv6 addresses, and their current status.
Configure Verification Commands:
The table summarizes
showcommands used to verify interface configuration.show ip interface brief- Displays all interfaces, their IP addresses, and their current status.show ipv6 interface brief- Displays all interfaces, their IPv6 addresses, and their current status.show ip route- Displays the contents of the IPv4 routing table stored in RAM.show ipv6 route- Displays the contents of the IPv6 routing table stored in RAM.show interfaces- Displays statistics for all interfaces on the device. Only displays the IPv4 addressing information.show ip interfaces- Displays the IPv4 statistics for all interfaces on a router.show ipv6 interfaces- Displays the IPv6 statistics for all interfaces on a router.
Examples:
R1# show ip interface briefR1# show ipv6 interface briefR1# show ip routeR1# show ipv6 routeR1# show interfaces gig0/0/0R1# show ip interface g0/0/0R1# show ipv6 interface g0/0/0
10.3 Configure the Default Gateway
Default Gateway on a Host:
The default gateway is used when a host sends a packet to a device on another network.
The default gateway address is generally the router interface address attached to the local network of the host.
To reach PC3, PC1 addresses a packet with the IPv4 address of PC3, but forwards the packet to its default gateway, the G0/0/0 interface of R1.
Note: The IP address of the host and the router interface must be in the same network.
Default Gateway on a Switch:
A switch must have a default gateway address configured to remotely manage the switch from another network.
To configure an IPv4 default gateway on a switch, use the
ip default-gateway ip-addressglobal configuration command.