Vous êtes sur la page 1sur 6

Basic Cisco Router Configuration Steps

This post is by no means an exhaustive tutorial about Cisco Routers and how to configure their
numerous features. It is just a step-by-step guide for the most basic configuration needed to make
the router operational. When you first power on a new Cisco Router, you have the option of using
the “setup” utility which allows you to create a basic initial configuration. However, in this post I will
show you how to do this basic setup with the Command Line Interface (CLI). Mastering the Cisco
Router CLI is essential for more complex configuration tasks and it is the most important knowledge
you should acquire if you want to become a Cisco network administrator.

The basic CLI modes that we will be referring below are as following:

Router> <– User EXEC Mode


Router# <– Privileged EXEC mode
Router(config)# <– Global Configuration Mode
Router(config-if)# <– Interface Configuration Mode
Router(config-line)# <– Line Configuration Mode

I assume that you already have some basic knowledge of CLI and how to navigate between different
configuration modes (user mode, privileged exec mode etc), so let’s get started:

Step1: Configure Access Passwords

The first step is to secure your access to the router by configuring a global secret password and also
passwords for Telnet or Console as needed.

Enter into Global Configuration mode from the Privileged EXEC mode:

Router# configure terminal <– Privileged EXEC mode


Router(config)# <– Global Configuration Mode

In Global Configuration Mode you configure parameters that affect the whole router device. Here we
will configure the Enable Secret password that you will be using from now own to enter into
Privileged EXEC Mode from User EXEC Mode.

Router(config)# enable secret “somestrongpassword”

From now on, when you log in from user EXEC mode you will be asked for a password.

It is suggested also to configure a password for the Telnet Lines (VTY lines) which will secure your
access when connecting via Telnet over the network.

Router(config)# line vty 0 4


Router(config-line)# password “strongTelnetPass”
Router(config-line)# login
Step2: Configure a Router Hostname

To differentiate your Router from other devices in the network, you should configure a Hostname for
your device.

Router(config)# hostname My-Router


My-Router(config)#

Notice that your Router prompt changes to the new hostname that you have just set.

Step3: Configure IP addresses for Router Interfaces

This is an essential step in order for your router to be able to forward packets in the network. The
most basic parameter for a Router Interface is the IP address. From Global Configuration Mode you
need to enter into Interface Configuration Mode:

My-Router(config)# interface serial 1/1


My-Router(config-if)# ip address 100.100.100.1 255.255.255.252
My-Router(config-if)# no shutdown
My-Router(config-if)# exit

My-Router(config)# interface fastethernet 0/1


My-Router(config-if)# ip address 192.168.10.1 255.255.255.0
My-Router(config-if)# no shutdown
My-Router(config-if)# exit

Step4: Configure Routing (Static or Dynamic)

The Router’s main purpose is to find the best route path towards a destination network and forward
packets according to the best path. There are two main ways a router knows where to send packets.
The administrator can assign static routes, or the router can learn routes by using a dynamic
routing protocol. For simple network topologies, static routing is preferred over dynamic
routing. Let’s see how to configure static routes from Global Configuration Mode.

My-Router(config)# ip route [destination network] [subnet mask]


[gateway]

My-Router(config)# ip route 200.200.200.0 255.255.255.0


100.100.100.2

The command above tells the router that network 200.200.200.0/24 is reachable via gateway
address 100.100.100.2.

Another popular static route that we usually configure on Internet Border routers is the default static
route:

My-Router(config)# ip route 0.0.0.0 0.0.0.0 50.50.50.1

The default static route above instructs the router to send ALL packets that the router does not have
a more specific route entry to gateway address 50.50.50.1 (which might be the ISP gateway address).
Step5: Save your configuration

Save your current running configuration into NVRAM. This will overwrite the startup configuration.

My-Router(config)# exit
My-Router# copy running-config startup-config

You can display your current configuration to verify your settings as following:

My-Router# show running-config


Basic Cisco Switch Configuration

In my opinion, the Cisco switches are the best in the market. Versatile, reliable,
flexible and powerful, the Cisco switch product line (such as the 2960, 3560,
3750, 4500, 6500 etc) offer unparalleled performance and features.

Although a Cisco switch is a much simpler network device compared with other
devices (such as routers and firewalls for example), many people have difficulties
to configure a Cisco Catalyst Switch. Unlike other lower class switch vendors
(which are plug-and-play), the Cisco switch needs some initial basic configuration
in order to enable management, security and some other important features.

In this article I will describe the basic steps needed to configure a Cisco switch
from scratch. I don’t like graphical GUI or web management at all, so I will show
you command line configuration which is much more powerful and makes the
administrators learn what they are doing on the device.

STEP1: Connect to the device via console

Use a terminal emulation software such as PuTTY and connect to the console of
the switch. You will get the initial command prompt “Switch>”

Type “enable” and hit enter. You will get into privileged mode (“Switch#”)

Now, get into Global Configuration Mode:

Switch# configure terminal


Switch(config)#

STEP2: Set up a hostname for the particular switch to distinguish it in the


network

Switch(config)# hostname access-switch1


access-switch1(config)#

STEP3: Configure an administration password (enable secret password)

access-switch1(config)# enable secret somestrongpass

STEP4: Configure a password for Telnet access

access-switch1(config)# line vty 0 15


access-switch1(config-line)# password strongtelnetpass
access-switch1(config-line)# login
access-switch1(config-line)# exit
access-switch1(config)#
STEP5: Define which IP addresses are allowed to access the switch via Telnet

access-switch1(config)# ip access-list standard TELNET-ACCESS


access-switch1(config-std-nacl)# permit 10.1.1.100
access-switch1(config-std-nacl)# permit 10.1.1.101
access-switch1(config-std-nacl)# exit

!Apply the access list to Telnet VTY Lines


access-switch1(config)# line vty 0 15
access-switch1(config-line)# access-class TELNET-ACCESS in
access-switch1(config-line)# exit
access-switch1(config)#

STEP6: Assign IP address to the switch for management

!Management IP is assigned to Vlan 1 by default


access-switch1(config)# interface vlan 1
access-switch1(config-if)# ip address 10.1.1.200 255.255.255.0
access-switch1(config-if)# exit
access-switch1(config)#

STEP7: Assign default gateway to the switch

access-switch1(config)# ip default-gateway 10.1.1.254

STEP8: Disable unneeded ports on the switch

! This step is optional but enhances security


! Assume that we have a 48-port switch and we don’t need ports 25 to 48

access-switch1(config)# interface range fe 0/25-48


access-switch1(config-if-range)# shutdown
access-switch1(config-if-range)# exit
access-switch1(config)#

STEP9: Save the configuration

access-switch1(config)# wr

The above are some steps that can be followed for basic set-up of a Cisco switch.
Of course there are more things you can configure (such as SNMP servers, NTP,
AAA etc) but those depend on the requirements of each particular network.