Configuring Network Devices

Download Report

Transcript Configuring Network Devices

Configuring Network
Devices
Working at a Small-to-Medium Business or ISP –
Chapter 5
Version 4.1
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
1
Objectives
 Configure a router with an initial configuration.
 Use Cisco SDM to configure a Cisco ISR with LAN
connectivity, Internet connectivity and NAT.
 Configure a Cisco router for LAN connectivity, Internet
connectivity and NAT using the Cisco IOS CLI.
 Configure a WAN connection from customer premises
to an ISP.
 Describe, setup and configure a standalone LAN
switch.
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
2
Initial ISR Router Configuration
 ISR combines routing, LAN switching, security,
voice, and WAN connectivity features
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
3
Initial ISR Router Configuration
 Cisco IOS software modules are called images
 IP Base image: entry-level Cisco IOS
 Images are specific to models of devices
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
4
Cisco IOS Software
 http://www.cisco.com/public/sw-center/sw-ios.shtml
 What do you notice about the categories underneath
the Products and Downloads section and the
capabilities of the Cisco's ISRs?
 Any similarities?
 Why does Microsoft offer so many different versions of
their software?
 How is this similar to the different images offered by the
Cisco IOS?
 How is it different?
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
5
The Bootup Process
 Startup Configuration File
The startup configuration file is the saved configuration file that
sets the properties of the device each time the device is
powered up.
This file is stored in non-volatile RAM (NVRAM), meaning that it
is saved even when power to the device is turned off.
When the startup configuration file is loaded into RAM, the file
becomes the initial running configuration.
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
6
The Bootup Process
 Running Configuration File
 The term running configuration refers to the current
configuration running in RAM on the device. This file
contains the commands used to determine how the
device operates on the network.
 The running configuration file is stored in the working
memory of the device. Changes to the configuration
and various device parameters can be made when the
file is in working memory.
 copy running-config startup-config
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
7
Initial ISR Router Configuration
 Tools and equipment required for setup:
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
8
Initial ISR Router Configuration
Three-stage bootup process:
 Power-on self test (POST)
 Locate and load Cisco IOS
 Locate startup configuration file or enter setup
mode
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
9
Initial ISR Router Configuration
Verifying and troubleshooting bootup process:
 View output from the show version command
 Use dir flash: and boot flash: in ROMmon mode
 View boot system commands
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
10
What does the command ‘show version’
return?”
 http://articles.techrepublic.com.com/5100-10878_116026475.html
 The version of the IOS operating system
 The version of the ROM bootstrap
 The version of the boot loader
 How someone last powered on the device (In addition
to powering on in the usual manner, you can also
power on a device with a system reset (i.e., warm
reboot) or by a system panic.) …
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
11
Initial ISR Router Configuration
 Out-of-band management for initial configuration
 In-band management over a network connection
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
12
Initial ISR Router Configuration
 Command Line Interface (CLI): text-based
program
 Security Device Manager (SDM): web-based GUI
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
13
Using Cisco SDM Express and SDM
 Follow best practices for installing a new device
to ensure correct functions
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
14
Using Cisco SDM Express and SDM
Eight SDM Express configuration screens:
 Overview
 Basic configuration
 LAN IP address
 DHCP
 Internet (WAN)
 Firewall
 Security settings
 Summary
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
15
Using Cisco SDM Express and SDM
 Use Basic NAT Wizard to configure dynamic
NAT with PAT
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
16
Configuring a Router Using IOS CLI
 CLI command modes: two levels of access
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
17
Configuring a Router Using IOS CLI
 Configuration modes can alter the operation of
the device
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
18
Configuring a Router Using IOS CLI
Help features:
 Command completion
 Error indicators
 Command history
 Arrow and function keys
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
19
Configuring a Router Using IOS CLI
 Show commands display configuration and
operation information
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
20
Configuring a Router Using IOS CLI
 Use Cisco IOS CLI to perform an initial router
configuration
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
21
Configuring a Router Using IOS CLI
 Configure serial and Ethernet interfaces on a
router
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
22
Configuring a Router Using IOS CLI
 Configure a default route for the Cisco router
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
23
Configuring a Router Using IOS CLI
 Configure a Cisco router to function as a DHCP
server
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
24
Complete DHCP Example
Router1# configure terminal
Enter configuration commands, one per line.
End with CNTL/Z.
Router1(config)# ip dhcp pool MyVlan1
Router1(dhcp-config)# network 172.25.1.0 255.255.255.0
Router1(dhcp-config)# default-router 172.25.1.1 172.25.1.3
Router1(dhcp-config)# domain-name MyDomain.com
Router1(dhcp-config)# dns-server 172.25.1.1 10.1.2.3
Router1(dhcp-config)# netbios-name-server 172.25.1.1
Router1(dhcp-config)# netbios-node-type h-node
Router1(dhcp-config)# option 66 ip 10.1.1.1
Router1(dhcp-config)# option 33 ip 192.0.2.1 172.25.1.3
Router1(dhcp-config)# option 31 hex 01
Router1(dhcp-config)# lease 2
Router1(dhcp-config)# exit
Router1(config)# end
Router1#
These option codes are defined in RFC 2132.
Option 66 identifies a TFTP server
Option 33 specifies static routes
Option 31 tells the client to use ICMP Router Discovery Protocol (IRDP).
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
25
Configuring a Router Using IOS CLI
 Configure static NAT on a Cisco router to
enable Internet access for an internal server
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
26
Complete Dynamic NAT Example
Router# configure terminal
Enter configuration commands, one per line.
End with CNTL/Z.
Router(config)# access-list 15 permit 192.168.0.0 0.0.255.255
Router(config)# ip nat pool MyPOOL 172.16.1.100 172.16.1.150 netmask 255.255.255.0
Router(config)# ip nat inside source list 15 pool MyPOOL
Router(config)# interface FastEthernet 0/0
Router(config-if)# ip address 192.168.1.1 255.255.255.0
Router(config-if)# ip nat inside
Router(config-if)# exit
Router(config)# interface Ethernet1/0
Router(config-if)# ip address 172.16.1.2 255.255.255.0
Router(config-if)# ip nat outside
Router(config-if)# exit
Router(config)# end
Router#
The first internal device that makes an outbound connection will get the
first address in the range, 172.16.1.100, the next one will get the next
address, 172.16.1.101, and so forth
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
27
Complete Dynamic NAT Example
Router# configure terminal
Enter configuration commands, one per line.
End with CNTL/Z.
Router(config)# access-list 15 permit 192.168.0.0 0.0.255.255
Router(config)# ip nat pool MyPOOL 172.16.1.100 172.16.1.150 netmask 255.255.255.0
Router(config)# ip nat inside source list 15 pool MyPOOL
Router(config)# interface FastEthernet 0/0
Router(config-if)# ip address 192.168.1.1 255.255.255.0
Router(config-if)# ip nat inside
Router(config-if)# exit
Router(config)# interface FastEthernet 0/1
Router(config-if)# ip address 192.168.2.1 255.255.255.0
Router(config-if)# ip nat inside
Router(config-if)# exit
Router(config)# interface Ethernet1/0
Router(config-if)# ip address 172.16.1.2 255.255.255.0
Router(config-if)# ip nat outside
Router(config-if)# exit
Router(config)# end
Router#
The first internal device that makes an outbound connection will get the
first address in the range, 172.16.1.100, the next one will get the next
address, 172.16.1.101, and so forth
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
28
Configuring a Router Using IOS CLI
 Back up and restore configuration files using a
TFTP server
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
29
Configuring a Router Using IOS CLI
 Capture and save configuration file output from
a terminal session
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
30
Connecting the CPE to the ISP
 Configuration checklists ensure that all
configuration requirements are met
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
31
Connecting the CPE to the ISP
 Use inventory and configuration checklists and
an installation plan to ensure successful
installation
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
32
Connecting the CPE to the ISP
 Documentation includes diagrams, checklists,
and activity logs
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
33
Connecting the CPE to the ISP
Types of customer connections over a WAN:
 Point-to-point
 Circuit-switched
 Packet-switched
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
34
Connecting the CPE to the ISP
 Bandwidth and cost influence WAN choices
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
35
Connecting the CPE to the ISP
 Clock rate and serial encapsulation are needed
when configuring serial WAN connections
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
36
Initial Cisco 2960 Switch Configuration
 Fixed-configuration, standalone devices
 Configured using GUI or CLI
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
37
Initial Cisco 2960 Switch Configuration
 Check switch components
 Connect cables to the switch
 Power up the switch and observe POST
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
38
Initial Cisco 2960 Switch Configuration
 Switch settings can be configured using the
Cisco IOS CLI
 Assign an IP address to the default
management virtual local area network, VLAN1
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
39
Initial Cisco 2960 Switch Configuration
 Connect the stand-alone LAN switch to the
router and verify connectivity
 Configure port security to prevent unauthorized
use
 Shut down unused ports
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
40
Initial Cisco 2960 Switch Configuration
 Cisco Discovery Protocol (CDP) gathers
information about directly-connected Cisco
network devices
 Two Cisco devices directly connected on the
same local network are called neighbors
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
41
Summary
 The Integrated Services Router (ISR) is a good choice
for small to medium businesses and ISP-managed
customers.
 ISRs can be initially configured using SDM or the router
IOS CLI.
 When using the CLI, “show” commands verify
configuration elements.
 An installation plan can minimize disruption to a
network when new devices are being added.
 Documentation is necessary, both when configuring
and when installing network devices.
 Switches are assigned IP addresses by configuring
them on the management interface, VLAN 1.
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
42
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
43