Cisco router is a device that transfers data packets between different networks. Different IP network cannot communicate with each other without a router. Routers do this job successfully by sending a packet from one IP network to another IP network. This process called routing. The router also needs some configurations before using for routing. Here in this article, we will also explain the initial configuration of the router.
I explain packet tracer in one of my earlier article and it is also available for download. here in this article, we will use packet tracer for demonstration. You can also use any other network simulator software such as Boson, GNS. You may also use a real Cisco device in place of simulators.
When a new Cisco router boots up for the first time or a time when there is no configuration on the router, it asks the user if they want to run through a list of prompts to configure the router; Most Cisco professional ignore this initial setup wizard because of the lack of a better word. They also like to configure the router manually. The initial setup mode screen is shown in Figure 1:
When a Cisco router is initially booted there is nothing configured, the only thing that needed to configure the router is a console cable. Once a connection established the basic configuration of the device can be made, all initial configuration will be covered next in this article. The first prompt, if the user says “no” to the setup wizard, the user will see is a user exec mode prompt, as shown below:
As we also learned in the previous article that Cisco IOS supports various command line interface modes, among those followings, are the main command modes.
- User EXEC Mode
- Privileged EXEC Mode
- Global Configuration Mode
- Interface Configuration Mode
- Sub-Interface Configuration Mode
- Setup Mode
- ROM Monitor Mode
To navigate between these modes we need to execute specific commands:
Change Default Router Name
This changes the router prompt and helps differentiate the device from others. By default, “Router” name is configured on each router. We can configure any name on the router. To do this hostname command will be used in global configuration mode, For example!
Configure password on Cisco router
The router is an important device of any network. It supports multiple networks and can connect multiple lines for management and so, we need to secure each management line.
Secure console port
Console and Telnet are the most commonly used line types on a Cisco router. The console line allows a local user to access the router when physically connected to the console port. By default, console port has not configured with any password so any user with physical access can connect. To block this access, a password can be configured on the console line. To configure a password the user must access the console line configuration mode using the ‘line console 0‘ command and issue the ‘password password‘ command, as shown below on the Rawalpindi router:
Enable telnet access on Cisco router
Telnet is used to connect remotely when a router has configured at least one interface and also configured the password for telnet. Depending on the model number and IOS software version router may also support the various number of VTY connections. VTY is the name for telnet and SSH connection. By default only first five VTYs connections are enabled. But when you try to connect them remotely you will get following message “Password required but none set” This message give warning that password is not set on VTY lines.
On most Cisco routers the VTY lines used for telnet connections are labeled from 0 through 4 total of 5 lines. The ‘line vty 0 4‘ command used to gain access to this mode. Following is the procedure to configure telnet access to the router.
Secure the privileged EXEC mode and encrypt all password
The enable secret is the command which secures the user privileged mode. And by the help of service password encryption, we can encrypt all saved password in the configuration file. The method to secure privileged EXEC mode is following:
Configure Login banner
We can configure two types of the banner on Cisco routers “MOTD” and “Exec” banner. banner exec command is not available in packet tracer. In packet tracer, we can practice only with banner MOTD command. Both commands also work in the same way. Only the place of a display is different between both commands. An EXEC banner will display after login and MOTD banner will display before the login. Following is the procedure to configure the MOTD banner.
Save the configuration
We can save the configuration from user privileged mode and we can also it from global configuration mode using following commands.
Saving in user privileged mode
Apply the same command with “do” followed by the above mention commands in global configuration mode to save the configuration. For example, do write or do copy running-config startup-config