Cisco routers have long and rightly wontrust from many users. By faith and truth for many years they transmit traffic to different devices between different types of networks. The word "cisco" today has become synonymous with such concepts as quality and reliability. Especially as the Cisco router price is always kept within acceptable limits.
At the present time,distribution of a variety of Cisco switches and routers. The series includes several models that differ in a number of characteristics. However, all of them can be divided into the following large groups:
Portable routers. They are designed for small and medium-sized networks.
Devices with an ISR - these Ethernet switches are characterized by a very flexible architecture. By installing various applications, you can almost unlimitedly expand their capabilities.
Modular devices.The capabilities of such devices can be expanded through the connection of various modules, so you can flexibly manage the hardware architecture. Recommended for acquisition by small and medium-sized enterprises.
All of the presented devices are used to receive andtransmission of information packets at the third level of OSI. With their help, you can build networks of very different scale and purpose. Cisco VPN tunnel devices support the following: L2TP, DMVPN, IPsec, GRE and PPTP. Setting up a VPN on a Cisco router will allow data to be transmitted over an encrypted private channel.
The Cisco 2960 series switches also have a number of models, but the common characteristics for them are:
A feature of Cisco routers isconsider that they are often narrowly specialized. There are no universal models in their line, which could serve equally both in an apartment for the formation of a home local network, or in an enterprise or in an office. Each line is responsible for something of its own and has at times a very narrow specialization. So when choosing network equipment from Cisco, this point needs to be taken into account: even the most expensive and advanced router or router can be a useless set of cards and wires in one place and an absolutely indispensable device in another.
The equipment is usually configured in the following ways:
Of course, the configuration of network equipmentbegins with connecting it to the computer. The router connects to the PC using a special console cable. Then, the terminal emulator starts. From it and you will need to enter all the commands in the future.
Many routers and routers use up to nowport COM port for connection to a computer. However, not all modern machines have such a port. In this case, special adapters to USB-COM will help. Depending on the configuration, they can both be supplied with the network equipment, and not be supplied. But it's better to choose a model that already supports the USB connection method.
The port indicates: 9600/8-N-1.If you want to overload the router with an empty startup configuration, you need to issue the command: enable. This loads the EXEC mode. To start from scratch, type: erase startup-config. And reload the equipment with the command: reload. The question of the operating system about whether to enter the settings window, you need to answer in the negative.
However, all of the above can not be done if there is no need to get an empty config.
As for Cisco equipment, Windows does notoffers a familiar to many users of the window interface. All commands are entered through the console terminal. And thus it is necessary to adhere to following rules:
The installation of the router can begin withThe fact that SSH will be assigned to all connections by default. Using SSH, you can transfer any data from a remote computer through encrypted channels. To enable SSH in Cisco, you need to:
To enter the configuration mode for global settings for ports in Cisco, you need to type the following command:
conf t
interface fa0 / 2.
You can configure the following Cisco ports:
switchport mode trunk
switchport trunk encapsulation dot1q.
If you want to use only some vlan, then in the console you need to enter: switchport trunk alloved vlan 310, 555 - that is, the commas separate the vlan numbers;
switchport mode trunk (creates a trunk port)
switchport trunk alloved vlan 310,555 (such ports as vlan 310 and 555 are used)
switchport trunk native vlan 310 (all untagged traffic is transferred to vlan 310, and the rest - to 555).
The process of port configuration was considered on the example of Cisco 2960 - one of the most common today. However, for devices of other series, the actions will be similar.
After the settings are reset, the configuration file is cleared, all the fine tuning needs to be carried out again, and therefore the reset is often considered as an extreme measure.
It is not difficult to execute it.To do this, just connect the router cable to the console and enter the command in the management console: Router # erase startup-config. And then: Reload. The router is reset, after the reboot the config will be absolutely clean.
It is worth noting that resetting the Cisco settingsis quite rare. However, for one reason or another, it still needs to be done. Also it is necessary not to forget after resetting the settings to return the value of the register with the command: config-register 0x2102.
For any network equipment, including Cisco, tuning is not all. It is still necessary to be able to save what was set up, that is, to keep the changes made.
In Cisco routers, there are two types of save:
The first type records all thethe progress of the change, but when the equipment is restarted, they are lost, and the boot will occur with the settings from the startup memory. However, Cisco equipment is designed in such a way that it is impossible to directly make changes to the initial configuration. To save all changes to permanent memory, you need to do the following:
For Cisco equipment, configuration can take placemuch easier and faster, if you use specialized programs for this purpose. However, this is rather a matter of taste: the hard-core sysadmins have grown tightly to their console interface, and there are no forces in nature to tear them away from it.
The rest, especially beginners, can be recommended to download some applications that can facilitate the task of configuring Cisco equipment:
Of course, assigning commands from the terminal is an occupation,which will not appeal to every user. And third-party programs need to be downloaded, sometimes not for free. However, it is possible to enable the graphical interface directly in the Internet browser. To do this, you will first need to install a special Java module, which you can download from the official Java site. The module is called Jre. In addition, you need an SDM application - it can be installed on both the router itself and the operating system.
Next, you need to set permissions in the browser to show pop-up windows and to start active content.
As soon as the SDM starts, you will need to drive the IP address chosen for the vlan1 port. It is also recommended that you clear the check box next to the HTTPS parameter.
After clicking on the launch button, a dialog box appears where you will be asked to enter the password-login string. If all is entered correctly - the working window of the program SDM, started directly in the browser will appear.
In the event that the user has received a router from themodel line Linksys, then the task of tuning in a graphical environment is simplified at times. After connecting, it will be enough to type in the address bar of the browser: 192.168.1.1. And after that, the settings window will be loaded in graphical mode.
Для начала нужно сразу же сменить пароль и логин, which by default are issued as: admin - admin. This is done after going to the Administration tab. In the same tab, you can make a backup backup settings.
Next, go to Wireless - Basic WirelessSetup, in this tab set the settings to manual (Manual). As a secret key, the serial number of the device itself is usually used.
It remains only to choose the type of Internet connection used and in the corresponding graphs to drive the settings that the provider issues.
In conclusion, it is worth noting that many sysadminsdo not treat their passwords with due respect. And it’s completely in vain, because if you limit yourself to the “password” parameter only during password creation, you can successfully “merge” it with snmp and compromise the security of the entire system. Therefore, it is recommended that the “secret” parameter be used for the operation with privileges. The point is that if you use the “password” parameter, the password will be stored in clear text in the config file, and if you type the “secret” parameter, the password will be encrypted.
In the latter case, the command to set the password withencryption should look something like this: Router (config) #enable secret PASS i>, where PASS is the specified password. This sets the password for working in the extended mode with privileges.
Depending on this or that Cisco equipment model, the hardware and software parts can be adjusted, but in general the picture looks exactly as described above.