The majority of Cisco routers run Cisco IOS Software with the command-line interface (CLI). The CLI is used to interface with the device and send commands to the device. This is achieved through the use of a terminal, a terminal emulator, or a Telnet connection. Some routing cards, such as the Multilayer Switch Feature Card (MSFC) daughter card for the Catalyst 6000 series LAN switches, also run Cisco IOS Software.
Posts Tagged ‘router’
Free CCNA Tutorial About Cisco IOS Software, Cisco Router Configuration Modes and Cisco CLI (Command Line Interface)
January 24th, 2010
How to Configure SSH (Secure Shell) for Remote Login on a Cisco Router
January 21st, 2010
Copyright (c) 2008 Don R. Crawley
Prior to the introduction of SSH in the Cisco IOS, the only remote login protocol was Telnet. Although quite functional, Telnet is a non-secure protocol in which the entire session, including authentication, is in clear text and thus subject to snooping.
SSH is both a protocol and an application that replaces Telnet and provides an encrypted connection for remote administration of a Cisco network device such as a router, switch, or security appliance.
The Cisco IOS includes both an SSH server and an SSH client. This document is concerned only with the configuration of the SSH server component.
Prerequisites
Software
The SSH server component requires that you have an IPSec (DES or 3DES) encryption software image from Cisco IOS Release 12.1(1)T or later installed on your router. Advanced IP services images include the IPSec component. This document was written using c2800nm-advipservicesk9-mz.123-14.T5.bin.
Pre-configuration
You must configure a hostname and a domain name on your router. For example:
router#
router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
router(config)#hostname router01
router01(config)#ip domain-name soundtraining.net
You must also generate an RSA keypair for your router which automatically enables SSH. In the following example, note how the keypair is named for the combination of hostname and domain name that were previously configured. The modulus represents the key length. Cisco recommends a minimum key length of 1024 bits (even though the default key length is 512 bits):
router01(config)#
router01(config)#crypto key generate rsa
The name for the keys will be: router01.soundtraining.net
Choose the size of the key modulus in the range of 360 to 2048 for your General Purpose Keys. Choosing a key modulus greater than 512 may take a few minutes.
How many bits in the modulus [512]: 1024
% Generating 1024 bit RSA keys ...[OK]
Finally, you must either use an AAA server such as a RADIUS or TACACS+ server or create a local user database to authenticate remote users and enable authentication on the terminal lines. For the purpose of this document, we’ll create a local user database on the router. In the following example, the user “donc” was created with a privilege level of 15 (the maximum allowed) and given an encrypted password of “p@ss5678”. (The command “secret” followed by “0” tells the router to encrypt the following plaintext password. In the router’s running configuration, the password would not be human readable.) We also used line configuration mode to tell the router to use its local user database for authentication (login local) on terminal lines 0-4.
router01(config)#username donc privilege 15 secret 0 p@ss5678
router01(config)#line vty 0 4
router01(config-line)#login local
Enabling SSH
To enable SSH, you must tell the router which keypair to use. Optionally, you can configure the SSH version (it defaults to SSH version 1), authentication timeout values, and several other parameters. In the following example, we told the router to use the previously created keypair and to use SSH version 2:
router01(config)#
router01(config)#ip ssh version 2
router01(config)#ip ssh rsa keypair-name router01.soundtraining.net
You can now log on to your router securely using an SSH client such as TeraTerm.
Viewing SSH Configurations and Connections
You can use the privileged mode commands “show ssh” and “show ip ssh” to view SSH configurations and connections (if any). In the following example, the SSHv1 configuration from a Cisco 871 router is verified using “show ip ssh” and a single SSHv1 connection is displayed using the command “show ssh”. Notice that we did not enable SSHv2 on this router, so it defaulted to SSH version 1.99. Also note in the output of the “show ssh” command that SSH version 1 defaults to 3DES. SSHv2 supports AES, a more robust and efficient encryption technology. SSHv2 is also not subject to the same security exploits as SSHv1. soundtraining.net recommends the use of SSHv2 and disabling a dropback to SSHv1. Enabling SSHv2 disables SSHv1. This example is included only to demonstrate backwards compatibility:
router04#
router04#show ip ssh
SSH Enabled - version 1.99
Authentication timeout: 120 secs; Authentication retries: 3
router04#
router04#show ssh
Connection  Version  Encryption  State            Username
2           1.5      3DES        Session started  donc
%No SSHv2 server connections running.
router04#
You can also use the command “debug ip ssh” to troubleshoot SSH configurations.
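The checks described in this article can be run offline against saved “show running-config” and “show ip ssh” output. The following Python script is an added example, not part of the original article or any Cisco tool. The function name audit_ssh and the sample inputs are constructed for illustration, and the “transport input ssh” check (which restricts a vty line to SSH) goes beyond what the article configures.

```python
import re

def audit_ssh(running_config, show_ip_ssh):
    """Return findings for an IOS SSH server setup; an empty list means all checks passed."""
    lines = [l.rstrip() for l in running_config.splitlines()]
    findings = []
    # Prerequisites from the article: hostname and domain name (they name the RSA keypair).
    for label, pat in (("hostname", r"hostname \S+"), ("ip domain-name", r"ip domain[- ]name \S+")):
        if not any(re.match(pat, l) for l in lines):
            findings.append(f"{label} not configured")
    if "ip ssh version 2" not in lines:
        findings.append("'ip ssh version 2' missing")
    # Collect the sub-commands (indented by one space) of each 'line vty' block.
    vty, block = {}, None
    for l in lines:
        if l.startswith("line vty"):
            block = vty.setdefault(l, [])
        elif block is not None and l.startswith(" "):
            block.append(l.strip())
        else:
            block = None
    for name, cmds in vty.items():
        if "login local" not in cmds:
            findings.append(f"{name}: 'login local' missing")
        # Not shown in the article: 'transport input ssh' restricts the line to SSH.
        if "transport input ssh" not in cmds:
            findings.append(f"{name}: 'transport input ssh' missing")
    # Banner: 1.99 = SSHv1 and SSHv2 accepted, 1.5 = SSHv1 only, 2.0 = SSHv2 only.
    m = re.search(r"SSH Enabled\s+\S+\s+version\s+(\d+\.\d+)", show_ip_ssh)
    if not m:
        findings.append("SSH server not enabled")
    elif m.group(1) != "2.0":
        findings.append(f"server reports version {m.group(1)}: SSHv1 still accepted")
    return findings

# Constructed sample inputs (not captured from a real device).
WEAK_CONFIG = """hostname router04
ip domain-name example.net
username donc privilege 15 secret 5 <hash-placeholder>
line vty 0 4
 login local
"""
WEAK_BANNER = "SSH Enabled - version 1.99\nAuthentication timeout: 120 secs; Authentication retries: 3"
HARD_CONFIG = WEAK_CONFIG.replace("username", "ip ssh version 2\nusername") + " transport input ssh\n"
HARD_BANNER = "SSH Enabled - version 2.0"

if __name__ == "__main__":
    for finding in audit_ssh(WEAK_CONFIG, WEAK_BANNER):
        print("FINDING:", finding)
    print("hardened:", audit_ssh(HARD_CONFIG, HARD_BANNER) or "no findings")
```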
How to hook up your Xbox 360 to your home network.
January 17th, 2010
Tutorial on how to hook up your Xbox 360 to your home network. Few notes: 1) The wireless adapter is not 50 bucks like he says, it is 100 bucks and in my opinion it is a ripoff. The cheapest I have seen for an adapter is on www.newegg.com where it sells for 87.50 2) If you did exactly what he said on connecting etc and you still can’t get the 360 to connect, it is most likely a problem with either your computer firewall or the router’s internal firewall. You might need to either change the …
What to Know Before Upgrading Your Cisco Router
January 4th, 2010
Expanding the capacity of any high bandwidth network is always an involved process. The actual cost of upgrade hardware and the task of physically installing RAM memory into your Cisco routers’ expansion slots are simple enough, but most high-capacity data networks serve production environments which demand fault-tolerance and as near to total uptime as possible. In order to build a network that can be relied upon to guarantee this level of service, network engineers need to plan a long way ahead. In addition to ensuring the servers, workstations, cabling and software can handle increasing loads for years to come, when planning a new segment, a good engineer will consider the possible lifetime cost and load of each and every crucial device on the network. This includes Cisco routers! As it may be difficult to even temporarily disconnect a mission-critical router to upgrade its memory, one way to “future proof” your network is to upgrade the device at purchase – prior to installation. This may sound expensive, but in any truly high-bandwidth medium, the cost of downtime or loss of connectivity far outweighs the safe option of upgrading your router’s memory to the maximum before installing it. If you do indeed decide to take the path of pre-upgrading a Cisco router for life, you will be choosing to save yourself from ever having to take it out of commission in order to install new Cisco DRAM memory or flash. Though the cost may be significant, not upgrading presents even more significant risks. It’s well known that a router is more likely to fail if it is run with insufficient RAM for it to cope with its workload. This raises the question of how much Cisco memory will be enough over the lifetime of a given product.
Unfortunately, there’s no simple answer to this question: how much RAM a Cisco router is going to need changes depending on the enterprise and its scale, what sort of applications your network is (and will be) supporting, and of course, which series router you’re using. Cisco makes some forecasts and recommendations available to customers to assist in making this judgment. Generally, upgrading to the maximum memory your router is capable of supporting takes some of the guesswork out of this equation. The Cisco memory requirements for each are made available in the individual product specifications, and Cisco lists which product lines will be supported at least 18 months in advance. In this way, a diligent network analyst may make fairly accurate predictions of what their individual requirements will be for at least the next couple of years, and likely, much longer. After checking the installation procedure and maximum upgrade capacity for your particular Cisco router, you have two options: either purchasing the memory directly from Cisco at a considerable markup, or from a memory reseller such as PC Wholesale. Memory resellers offer a tremendous advantage over purchasing directly from Cisco for the budget-conscious company – many times their prices can be up to 90% off Cisco’s list price, for the same exact memory!
