Chapter 4 Internetworking Operating System IOS and Security

Chapter 4 Internetworking Operating System (IOS) and Security Device Manager (SDM)

Cisco Router Physical Components ROM POST, Boot. P, Mini IOS nv. RAM Startup-Config File RAM Running-Config File Flash Complete IOS

Boot Sequence 1) POST: Power On Self Test 2) Boot Program (Boot. P) is loaded: a) IOS is loaded - Flash - TFTP - Mini IOS b) Configuration is loaded - nv. RAM - TFTP - Setup Mode Dialog

Switching between User and Privileged Modes Router>enable Router#disable Router> Exiting configuration Router>logout OR Router>exit OR Router#exit

Global Configuration Mode GCM Router#config t Enter configuration commands, one per line. End with CNTL/Z. Router(config)# Basic Commands Router(config)#hostname CISCO(config)# Router(config)#banner motd # This is Secure Router! # Router(config)#

Show Commands Router>show version (Version, no. of interfaces, IOS image name, size of RAM, NVRAM & FLASH) Router>sh flash (IOS no. & name, available & usable size of FLASH) Router#sh run (Configuration in RAM) Router#sh startup (Configuration in NVRAM, size of configuration in NVRAM) Router(config)#do show run

Using Pipes ( | ) Router#show run | ? append Append redirected output to URL (URLs supporting append operation only) begin Begin with the line that matches exclude Exlude lines that match include Include lines that match redirect Redirect output to URL section Filter a section of output tee Copy output to URL

Cisco Router Passwords 1 - Enable Secret 2 - Enable Password 3 - Console Password 4 - AUX Password 5 - Telnet (VTY) Password 1 - Enable Secret Router#config t Router(config)#enable secret cisco 2 - Enable Password Router(config)#enable password cisco 1

3 - Console Password Router(config)#line console 0 Router(config-line)#password cisco Router(config-line)#login Router(config-line)#logging synchronous Router(config-line)#exec-timeout 0 0 Router(config-line)#exit 4 - Auxiliary Password Router(config)#line aux 0 Router(config-line)#password cisco Router(config-line)#login 5 - VTY Password Router(config-line)#line vty 0 4 Router(config-line)#password telnet Router(config-line)#login

Cisco Router Interfaces Fixed Interfaces f 0 f 1 e 0 e 1 s 0 s 1 Port Modular Interfaces f 0/1 f 0/0/0 f 0/0 e 0/0 s 0/1 Slot/Port Router(config)#interface name Router(config)#interface f 0 Router(config-if)#ip address 192. 168. 100. 1 255. 0 Router(config-if)#no shut Router(config-if)#description Connection to Sales network Router(config)#interface s 0 Router(config-if)#clock rate {no. of bps} Router(config-if)#bandwidth {no. of Kb} s 0/0/0 Slot/Sub. Slot/Port

Secondary IP Router(config-if)#ip address 192. 168. 150. 1 255. 0 secondary Sub Interfaces Router(config)#int f 0 Router(config-if)#no ip address Router(config-if)#no shut Router(config-if)#int f 0. 1 Router(config-subif)#ip add 172. 16. 1 255. 240. 0 Router(config-subif)#int f 0. 2 Router(config-subif)#ip add 172. 16. 32. 1 255. 240. 0

Saving/Deleting Configuration Router#copy run start Router#copy start run Router#erase startup Router#reload

Viewing Additional Information Router#sh history Router#sh terminal Router#terminal history size {1 -255} Router#sh controllers interface name Router#sh controllers s 0/0/1 Router#sh interface name Router#sh interface f 1 Router#sh ip interface name Router#sh ip interface s 0/0 Router#clear counters interface name Router#sh ip interface brief Interface Status Physical Layer up administratively down up D. L Layer (Line Protocol) up down

Securing Passwords Router(config)#service password-encryption ex: Router#config t Router(config)#service password-encryption Router(config)#exit Router#sh run Router#sh startup Router#copy run start Router#config t Router(config)#no service password-encryption Router(config)#exit Router#copy run start Router#sh run

Configuring Cisco Router through Internet Explorer Router(config)#ip http server Setting Time and Date Router#clock set 00: 00 19 feb 2008