WELCOME TO ROUTER
PRITHBI
Only authorized personnel may login
!
Router_2(config)#
A delimiting character is used to set off the message, in this case
the character is the ! symbol.
Adding a Description to an Interface
An interface description is limited to 80 characters and typically
describes the function of the interface.
Router_2(config)#int serial 1
Router_2(config-if)#description Link to East Office
Router_2(config-if)#
Cisco Help and Editing
Enter ? at any prompt to see a complete listing of available commands
that can be used at the prompt level. You can also do partial a word
to see available commands that start with letters before ? (e.g. s?,
cl?, eth?).
When entering commands, you don't have to complete the entire word
just enough to make it recognizable to the IOS from any other
command. Example: instead of using the show command, you can use sh
in place of show and it will work the same.
The ? can also be used to show the next step in the command. If you
type a partial command and press the [Tab] key, the command is
completed for you automatically.
Router_2(config)# int [Tab]
Router_2(config)# interface
Router_2(config)# interface ?
Async Async interface
BVI Bridge-Group Virtual Interface
Dialer Dialer interface
Ethernet IEEE 802.3
Group-Async Async Group interface
Lex Lex interface
Loopback Loopback interface
Null Null interface
Port-channel Ethernet Channel of interfaces
Serial Serial
Tunnel Tunnel interface
Virtual-Template Virtual Template interface
Virtual-TokenRing Virtual TokenRing
Router_2(config)# interface ethernet ?
<0-0> Ethernet interface number
Router_2(config)# interface ethernet 0
Router_2(config-if)#
Use the [spacebar] to scroll another page if available commands is
longer than one page, use the [enter] key to scroll one line at a
time. If help page is scrolled, press any key to return to the
command line.
Command Line Editing Commands
Command
Meaning
Ctrl+A
Moves cursor to beginning of the line.
Ctrl+E
Moves cursor to end of line.
Ctrl+B
Moves back one character.
Esc+B
Moves back one word.
Ctrl+F
Moves forward one character.
Esc+F
Moves forward one word.
Ctrl+D
Deletes a single character at the cursor.
Backspace
Deletes a single character.
Ctrl+R
Redisplays the command prompt and command line.
Ctrl+U
Erases a line.
Ctrl+W
Erases a word.
Ctrl+Z
Ends Configuration mode and returns to EXEC.
tab
Finishes typing a command for you.
Router Command History
Command
Meaning
Ctrl+P or Up arrow
Shows last command entered.
Ctlr+N or Down arrow
Shows previous commands entered.
show history
Shows last 10 commands entered by default.
show terminal
Shows terminal configurations and history buffer size.
terminal history size [0-256]
Changes buffer size (max 256).
To see how long a router has been up, how it was restarted, the IOS
version, number of Interfaces, memory, and config-register setting use
the command show version from privileged EXEC mode.
Setting Router Passwords
The router has a number of ports that allow access to the router, on
each of these ports you can specify passwords to provide a layer of
security to the router. There is also the option of disabling login
password checking to any of the ports by entering the command to get
to the Router(config-line)# section of the port and entering the no
login command. In the examples the password is set to ccna with the
enable secret password set to ccna2.
Setting the enable and enable secret password:
Router(config)#enable ccna
Router(config)#enable secret ccna2
The enable secret password is the password you use to gain access to
enable mode and to the global configuration mode on the router and is
encrypted. The enable password is used when you do not specify a
enable secret password. The enable password should be different from
the enable secret password.
Setting the auxiliary port password:
Router(config)#line aux 0
Router(config-line)#login
Router(config-line)#password ccna
The auxiliary port is on the back of the router and is commonly used
to connect a modem to. It is used to allow a remote user access to
the configuration of the router. If a modem is connected to the port,
it should definitely have a password specified for it.
Setting the console password:
Router(config)#line con 0
Router(config-line)#login
Router(config-line)#password ccna
The console port is also on the back of the router and is used to
directly connect a console to the router for configuring the router.
The console is usually a PC running a program like HyperTerminal set
to 8 N 1. The PC connects to the console port from the PC's COM port,
the COM port uses a 9 pin to RJ45 connector, the connector uses a
rolled CAT 5 cable (reversed on one end) to connect to the RJ45 port
on the back of the router. This port should allow logins with
passwords if the router is physically secured. The port should be
disabled if it is not regularly used or the router is not securable.
This port can be very useful especially when configuring a new router
or a corrupted router as you don't have to rely on IP addresses being
correct or the interfaces being up.
Setting the Virtual Terminal (Telnet) password:
Router(config)#line vty 0 4
Router(config-line)#login
Router(config-line)#password ccna
The vty ports are specified with the command line vty 0 4 depending on
your router you might have more than five (0,1,2,3,4) virtual
terminals available, in that case use the command line vty 0 X where X
is the number of terminals -1. You can also specify less than the
maximum, which will limit the number of sessions that can exist on the
router. The Virtual Terminal ports are just that, virtual, as you
can't physically see them. They are the ports that allow users to
remotely access the router. If they are enabled then anyone on any of
the networks that the router knows about can attempt to login. If you
aren't going to be doing remote configurations on the router yourself,
the vty ports should be disabled and the console port should be
enabled. You can also apply a standard IP access list to the VTY
ports.
Recovering Lost Cisco Passwords
Connect a PC or Terminal to the router's console port using a Terminal
Emulation program such as Hyper Terminal (need to update original
HyperTerminal for NT (doesn't send break) or use the Win95/98
version).
Once connected and logged in type show version and record the settings
of the Configuration register. The configuration register setting is
shown at the bottom of the screen in the format of:
Configuration Register is 0x2102
With the terminal or PC still attached, power off the router and power
on the router.
Within 60 seconds of the router powering back on, press the [Control]+
[Break] keys on the keyboard of the terminal.
If done correctly, you should see the bootstrap program prompt >
without a router name in the prompt. If you don't see the symbol, the
break signal wasn't properly sent to the router. Try it again after
checking the console cable and Terminal settings (9600 baud, 8 data
bits, No parity, 1 stop bits).
On 2500 series routers, to reset the the configuration register to
boot from ROM and ignore NVRAM enter the command at the > prompt:
o/r 0x042
Initialize the router by entering the command i at the > prompt.
The Router will go through the power cycle and will set the register
to 0x042. This will cause the router to boot the boot ROM system image
and prompt you with the system configuration dialog as follows:
--System Configuration Dialog--
Answer no to the configuration system prompts until the following is
displayed:
Press RETURN to get started!
Press [ENTER] and the boot ROM prompt appears:
Router>
Enter the enable command at the prompt. Then enter the configure
memory command as follows:
Router#configure memory
Enter the terminal configuration mode with the command:
Router#conf t
Now you can enter your new passwords with the commands: (where ccna is
the new password)
Router(config)#enable ccna
Router(config)#enable secret ccna
Set the configuration register back to the original setting with the
command:
Router(config)#config-register 0x2102
Then enter the following commands to exit global configuration mode,
save the configuration, and restart the router.
Router(config)#[control]+[Z]
Router#write mem
Router#reload
Router Interfaces
Routers can have many different types of connectors; from Ethernet,
Fast Ethernet, and Token Ring to Serial and ISDN ports. Some of the
available configurable items are logical addresses (IP,IPX), media
types, bandwidth, and administrative commands. Interfaces are
configured in interface mode which you get to from global
configuration mode after logging in.
Logging in to the Router
Depending on the port you're using, you might have to press enter to
get the prompt to appear (console port). The first prompt will look
like Routername> the greater than sign at the prompt tell you that you
are in user mode. In user mode you can only view limited statistics of
the router in this mode. To change configurations you first need to
enter privileged EXEC mode. This is done by typing enable at the
Routername> prompt, the prompt then changes to Routername#. This mode
supports testing commands, debugging commands, and commands to manage
the router configuration files. To go back to user mode, type disable
at the Routername# prompt. If you want to leave completely, type
logout at the user mode prompt. You can also exit from the router
while in privileged mode by typing exit or logout at the Routername#
prompt.
Global Configuration Mode
Enter this mode from the privileged mode by typing configure terminal
or (conf t for short). The prompt will change to
Routername(config)#. Changes made in this mode change the running-
config file in DRAM. Use configure memory to change the startup-config
in NVRAM. Using configure network allows you to change the
configuration file on a TFTP server. If you change the memory or
network config files, the router has to put them into memory (DRAM) in
order to work with them, so this will change your router's current
running-config file.
Interfaces mode
While in global configuration mode you can make changes to individual
interfaces with the command Routername(config)#interface ethernet 0 or
Routername(config)#int e0 for short, this enters the interface
configuration mode for Ethernet port 0 and changes the prompt to look
like Routername(config-if)#.
Bringing Up Interfaces
If an interface is shown administratively down when the show interface
command is given in privileged EXEC mode, use the command no shutdown
to enable the interface while in interface configuration mode.
Setting IP Addresses
In global configuration mode, enter the interface configuration mode
(Routername(config)#int e0) and use the command Routername(config-
if)#ip address [ip address] [network mask]. If it is the first time
using the interface, also use the no shutdown command to enable and
bring up the interface.
Router_2(config)#int e0
Router_2(config-if)#ip address 192.168.1.1 255.255.255.0
Router_2(config-if)#no shutdown
Secondary IP Addresses
You can add another IP address to an interface with the secondary
command. The syntax is the same as setting an IP address except you
add secondary to the end of it. Using secondary interfaces, it allows
you to specify 2 IP addresses for 1 interface. Use subinterfaces
instead, since they allow for more than 2 IP addresses on an interface
and secondaries will probably be replaced soon.
Subinterfaces
In global configuration mode you can create virtual interfaces
(subinterfaces), so at the prompt Routername(config)# type int e0.1
and the prompt will change to Routername(config-subif)#. For all
practical purposes there isn't a limit to the amount of subinterfaces
an interface can have.
Show Interfaces
To view information about an interface, use the command:
Router_2#show interface e0
Ethernet0 is up, line protocol is up
Hardware is Lance, address is 0000.cc34.ec7d (bia 0000.cc34.ec7d)
Internet address is 192.168.1.1/24
MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec, rely 255/255, load
1/255
Encapsulation ARPA, loopback not set, keepalive set (10 sec)
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output 00:00:07, output hang never
Last clearing of "show interface" counters never