SlideShare a Scribd company logo

CCNA : Intro to Cisco IOS - Part 2

GLC Networks
GLC Networks

The document provides a comprehensive guide on basic Cisco IOS configurations, including access modes, interface management, and remote access setup using Telnet and SSH. It details various commands and processes for configuring routers and interfaces as well as for backing up and restoring configurations. The document also compares Cisco IOS syntax with Mikrotik RouterOS for better understanding.

Technology
1 of 24
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
CCNA : Intro To Cisco IOS Lab Practice
Profile Nama : M. Taufik Nurhuda Pekerjaan : Guru TKJ, IT Support, Mikrotik Academy Trainer SMK Pelita Pesawaran Facebook : https://www.facebook.com/taufik.nurhuda.5/ LinkedIn : https://www.linkedin.com/in/taufik-nurhuda-5224b1180/ Website : www.taufiknurhuda.web.id
Topic Discussion ● Basic Mode ● How To Access IOS Cisco Router/Switch ● Configure Initial Setting on IOS Cisco Router/Switch ● Interface Configuration ● Display Config ● Edit/Remove Config ● Configure Telnet/SSH Remote ● Backup & Restore Config ● IOS vs Mikrotik Syntax
IOS Mode ● Setup ○ This mode appear when the NVRAM router/switch is empty or not have configuration. ● User Mode ○ For Monitoring Only (limited show, ping, traceroute) ○ Marked by : Router> ● Privileges Mode ○ There are several command for monitoring and troubleshooting (show, ping, copy, trace, erase) ○ Marked by : Router# ● Global Configuration Mode ○ For Configuration Cisco IOS router/switch ○ Marked by : Router(config)# ● Interface Mode ○ For interface / ip configuration ○ Marked by : Router(config-if)#
Configuration Access ● Using Console ○ Console Cable to USB/RJ45 ○ Remote console with Putty (Windows OS) and minicom -s (Linux OS) ● Remote Access (Need for IP Address) ○ Telnet ○ SSH
Basic Configuration ● IOS Login ○ User mode to Privileges mode Router> enable Router# ○ Privileges mode to Global config mode Router#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)# ● Hostname ○ Router(config)# hostname ROUTER-ME ○ ROUTER-ME(config)# ● Disable DNS Lookup ○ ROUTER-ME(config)# no ip domain-lookup ○ ROUTER-ME(config)#
Basic Configuration ● Secure Privileges Mode ○ ROUTER-ME(config)#enable secret mypass ○ ROUTER-ME(config)#exit TEST THE CONFIGURATION : ○ ROUTER-ME>enable ○ Password: ->enter_the_password ○ ROUTER-ME# ● Secure Global Config Mode ○ ROUTER-ME(config)#line console 0 ○ ROUTER-ME(config-line)# password pass123 ○ ROUTER-ME(config-line)# login ○ ROUTER-ME(config-line)# TEST THE CONFIGURATION ○ User Access Verification ○ Password: ->enter the password ○ ROUTER-ME>
Basic Configuration ● Secure Remote access Telnet/SSH (VTY Password) ○ ROUTER-ME(config)# line vty 0 4 ○ ROUTER-ME(config-line)# password mypass ○ ROUTER-ME(config-line)# login ○ ROUTER-ME(config-line)# exit ○ ROUTER-ME(config)# ● Encrypt All Plaintext passwords ○ ROUTER-ME(config)#service password-encryption ○ ROUTER-ME(config)# ● Provide Legal Notification on Cisco IOS (MOTD) ○ ROUTER-ME(config)#banner motd "THIS IS MY ROUTER" TEST THE CONFIGURATION : Press RETURN to get started! THIS IS MY ROUTER User Access Verification Password: ● Save the configuration ○ ROUTER-ME#copy running-config startup-config ○ Destination filename [startup-config]? PressEnter ○ Building configuration... ○ [OK]
Interface Configuration ● IP configuration ○ ROUTER-ME(config)#interface gig0/0/0 ○ ROUTER-ME(config-if)#ip address 192.168.10.1 255.255.255.0 ● Interface description ○ ROUTER-ME(config-if)#description "Interface for LAN Networks" ● Enable Interface ○ ROUTER-ME(config-if)#no shutdown ○ ROUTER-ME(config-if)# ○ %LINK-5-CHANGED: Interface GigabitEthernet0/0/0, changed state to up ○ %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0/0, changed state to up ○ ROUTER-ME(config-if)# ● For Disable Interface use command : ○ ROUTER-ME(config-if)# shutdown
Display Config ● Show full configuration ○ ROUTER-ME#show running-config ○ Building configuration... ○ ○ Current configuration : 850 bytes ○ ! ○ version 16.6.4 ○ no service timestamps log datetime msec ○ no service timestamps debug datetime msec ○ service password-encryption ○ ! ○ hostname ROUTER-ME ○ ! ○ enable secret 5 $1$mERr$OP8FVb8wv5vae/zbiXUkx/ ○ ! ○ ip cef ○ no ipv6 cef ○ ! ○ spanning-tree mode pvst ! ○ interface GigabitEthernet0/0/0 ○ description "Interface for LAN Networks" ○ ip address 192.168.10.1 255.255.255.0 ○ duplex auto ○ speed auto ○ !
Display Config ● Show summary interface information ○ ROUTER-ME#show ip interface brief ○ Interface IP-Address OK? Method Status Protocol ○ GigabitEthernet0/0/0 192.168.10.1 YES manual up up ○ GigabitEthernet0/0/1 unassigned YES unset administratively down down ○ GigabitEthernet0/0/2 unassigned YES unset administratively down down ○ Vlan1 unassigned YES unset administratively down down ○ ROUTER-ME#
Display Config ● Using do command for show config ○ ROUTER-ME(config)#do show ip interface brief ○ Interface IP-Address OK? Method Status Protocol ○ GigabitEthernet0/0/0 192.168.10.1 YES manual up up ○ GigabitEthernet0/0/1 unassigned YES unset administratively down down ○ GigabitEthernet0/0/2 unassigned YES unset administratively down down ○ Vlan1 unassigned YES unset administratively down down ○ ROUTER-ME(config)#do copy running-config startup-config ○ Destination filename [startup-config]? ○ Building configuration... ○ [OK] ○ ROUTER-ME(config)#
Edit/Remove Config ● Edit IP address configuration ○ ROUTER-ME(config)#do show ip int brief ○ Interface IP-Address OK? Method Status Protocol ○ GigabitEthernet0/0/0 192.168.10.1 YES manual up up ○ GigabitEthernet0/0/1 unassigned YES unset administratively down down ○ GigabitEthernet0/0/2 unassigned YES unset administratively down down ○ Vlan1 unassigned YES unset administratively down down ○ ROUTER-ME(config)#int gig0/0/0 ○ ROUTER-ME(config-if)#ip add 192.168.20.1 255.255.255.0 ○ ROUTER-ME(config-if)#exit ○ ROUTER-ME(config)#do show ip int brief ○ Interface IP-Address OK? Method Status Protocol ○ GigabitEthernet0/0/0 192.168.20.1 YES manual up up ○ GigabitEthernet0/0/1 unassigned YES unset administratively down down ○ GigabitEthernet0/0/2 unassigned YES unset administratively down down ○ Vlan1 unassigned YES unset administratively down down ○ ROUTER-ME(config)#
Edit/Remove Config ● Remove IP Address configuration ○ ROUTER-ME(config)# do show ip int brief ○ Interface IP-Address OK? Method Status Protocol ○ GigabitEthernet0/0/0 192.168.20.1 YES manual up up ○ GigabitEthernet0/0/1 unassigned YES unset administratively down down ○ GigabitEthernet0/0/2 unassigned YES unset administratively down down ○ Vlan1 unassigned YES unset administratively down down ○ ROUTER-ME(config)# int gig0/0/0 ○ ROUTER-ME(config-if)# no ip add 192.168.20.1 255.255.255.0 ○ ROUTER-ME(config-if)# exit ○ ROUTER-ME(config)# do show ip int brief ○ Interface IP-Address OK? Method Status Protocol ○ GigabitEthernet0/0/0 unassigned YES manual up up ○ GigabitEthernet0/0/1 unassigned YES unset administratively down down ○ GigabitEthernet0/0/2 unassigned YES unset administratively down down ○ Vlan1 unassigned YES unset administratively down down ○ ROUTER-ME(config)#
Configure Telnet Remote ● For access Telnet/SSH you must configure privileges password using enable password or enable secret command first ● Configure VTY Password ● Test connect from client C:>telnet 192.168.10.1 Trying 192.168.10.1 ...OpenTHIS IS MY ROUTER User Access Verification Password: ->EnterVTYPassword ROUTER-ME>enable Password: ROUTER-ME#
Configure SSH Remote ● Configure domain router ● Configure username and password login ● Configure transport input ssh on line vty ● Generate Crypto key rsa 1024 ○ ROUTER-ME(config)#ip domain-name taufik.net ○ ROUTER-ME(config)#username taufik secret taufikpass ○ ROUTER-ME(config)#line vty 0 4 ○ ROUTER-ME(config-line)# transport input ssh ○ ROUTER-ME(config-line)# login local ○ ROUTER-ME(config-line)# exit ○ ROUTER-ME(config)#crypto key generate rsa ○ The name for the keys will be: ROUTER-ME.taufik.net ○ Choose the size of the key modulus in the range of 360 to 2048 for your ○ General Purpose Keys. Choosing a key modulus greater than 512 may take ○ a few minutes. ○ How many bits in the modulus [512]: 1024 ○ % Generating 1024 bit RSA keys, keys will be non-exportable...[OK] ○ ROUTER-ME(config)#
Backup & Restore Config ● Backup configuration ● Make sure your router can connected to TFTP Server and enable TFTP Server. ● Setting Backup from router/switch. ROUTER-ME#copy running-config tftp: Address or name of remote host []? 192.168.50.2 <-IP Server TFTP Destination filename [ROUTER-ME-confg]?<-PressEnter Writing running-config....!! [OK - 785 bytes] 785 bytes copied in 3.004 secs (261 bytes/sec) ROUTER-ME#
Cek Backup file from TFTP Server
Backup & Restore Config ● Reset configuration ○ ROUTER-ME#write erase ○ Erasing the nvram filesystem will remove all configuration files! Continue? [confirm] ○ [OK] ○ Erase of nvram: complete ○ %SYS-7-NV_BLOCK_INIT: Initialized the geometry of nvram ○ ROUTER-ME#reload ○ Proceed with reload? [confirm]
Backup & Restore Config ● Restore configuration Router#copy tftp: running-config Address or name of remote host []? 192.168.50.2 <-IPTFTPSERVER Source filename []? ROUTER-ME-config <-SourceFileBackupName Destination filename [running-config]? <-PressEnter Accessing tftp://192.168.50.2/ROUTER-ME-config... %Error opening tftp://192.168.50.2/ROUTER-ME-config (No such file or directory) Router#copy tftp: running-config Address or name of remote host []? 192.168.50.2 Source filename []? ROUTER-ME-confg Destination filename [running-config]? Accessing tftp://192.168.50.2/ROUTER-ME-confg... Loading ROUTER-ME-confg from 192.168.50.2: ! [OK - 785 bytes] 785 bytes copied in 0 secs ROUTER-ME#
Cisco IOS vs Mikrotik RouterOS Syntax ● Add ip address on interface ● Add route/Default Gateway
Cisco IOS vs Mikrotik RouterOS Syntax ● Reset Configuration
Cisco IOS vs Mikrotik RouterOS Remote Access ● Mikrotik ○ IP Address Based (winbox, Webfig, Telnet,SSH,FTP) ○ Mac Address (Neighbors) ● Cisco ○ IP Address (Telnet,SSH)
THANKS

More Related Content

What's hot (20)

PDF
EOIP Deep Dive
GLC Networks
 
PDF
Best Current Practice (BCP) 38 Ingress Filtering for Security
GLC Networks
 
PDF
Layer 7 Firewall on Mikrotik
GLC Networks
 
PDF
Troubleshooting Layer 2 Ethernet Problem: Loop, Broadcast, Security
GLC Networks
 
PDF
Internet Protocol Deep-Dive
GLC Networks
 
PDF
Automatic Backup via FTP - Part 1
GLC Networks
 
PDF
Mikrotik Bridge Deep Dive
GLC Networks
 
PDF
Up and Running DNS Service
GLC Networks
 
PDF
Radio Optimization In Telco - Part 1
GLC Networks
 
PDF
Mikrotik IP Settings For Performance and Security
GLC Networks
 
PDF
Manage Your Router with Dynamic Public IP
GLC Networks
 
PDF
BGP on RouterOS7 -Part 1
GLC Networks
 
PDF
Socket Programming with Python
GLC Networks
 
PDF
Building a Web Server with NGINX
GLC Networks
 
PDF
Running Moodle for High Concurrent Users
GLC Networks
 
PDF
Up and Running SSH Service - Part 1
GLC Networks
 
PDF
Mikrotik Hotspot
GLC Networks
 
PDF
Using Mikrotik Switch Features to Improve Your Network
GLC Networks
 
PDF
Up and Running with Freebsd
GLC Networks
 
PDF
Network Monitoring with The Dude and Whatsapp
GLC Networks
 
EOIP Deep Dive
GLC Networks
 
Best Current Practice (BCP) 38 Ingress Filtering for Security
GLC Networks
 
Layer 7 Firewall on Mikrotik
GLC Networks
 
Troubleshooting Layer 2 Ethernet Problem: Loop, Broadcast, Security
GLC Networks
 
Internet Protocol Deep-Dive
GLC Networks
 
Automatic Backup via FTP - Part 1
GLC Networks
 
Mikrotik Bridge Deep Dive
GLC Networks
 
Up and Running DNS Service
GLC Networks
 
Radio Optimization In Telco - Part 1
GLC Networks
 
Mikrotik IP Settings For Performance and Security
GLC Networks
 
Manage Your Router with Dynamic Public IP
GLC Networks
 
BGP on RouterOS7 -Part 1
GLC Networks
 
Socket Programming with Python
GLC Networks
 
Building a Web Server with NGINX
GLC Networks
 
Running Moodle for High Concurrent Users
GLC Networks
 
Up and Running SSH Service - Part 1
GLC Networks
 
Mikrotik Hotspot
GLC Networks
 
Using Mikrotik Switch Features to Improve Your Network
GLC Networks
 
Up and Running with Freebsd
GLC Networks
 
Network Monitoring with The Dude and Whatsapp
GLC Networks
 

Similar to CCNA : Intro to Cisco IOS - Part 2 (20)

PPTX
OSWAN.pptx
BiswajitSahoo339348
 
PDF
01 ip oc180 e1_1 zxr10 m6000_t8000 basic operation (v1.00.20)
legasu zemene
 
PPTX
Chapter: Basic Router Configuration Cisco
samiulsuman
 
PPT
CCNA presentation.
Ajaigururaj R
 
DOCX
Cisco router configuration tutorial
IT Tech
 
PPT
Modes of router
Er. Anmol Bhagat
 
PPTX
ITN_Module_10.pptx gfhfdgsrfryrenikerrtvbter
crystaljhoyl
 
PPTX
Detailed explanation of Basic router configuration
samreenghauri786
 
PPT
04- Module Operating & Configuring IOS.ppt
qaiserfareedjadoon2
 
PDF
Ccna command
Sudhir Maherwal
 
PPTX
CCNA at a glance
Vikas Raut
 
PPT
operating and configuring cisco a cisco IOS device
scooby_doo
 
PDF
Aula04 - configuração da topologia ppp - resolvido
Carlos Veiga
 
PPT
04 module operating & configuring ios
Asif
 
PPT
Day 5.2 startingarouter
CYBERINTELLIGENTS
 
PPTX
CCNA ALL IN ONE
Sripati Mahapatra
 
PPT
cisco Network Associates Notes +++++++++
ssclengineer2025
 
PPT
4040187-Ccna-Notes.pptslide share scam side
santoshp1925
 
PPT
4040187-Ccna-Notes.pptnotew for all users
santoshp1925
 
PPTX
CCNA ppt Day 4
VISHNU N
 
OSWAN.pptx
BiswajitSahoo339348
 
01 ip oc180 e1_1 zxr10 m6000_t8000 basic operation (v1.00.20)
legasu zemene
 
Chapter: Basic Router Configuration Cisco
samiulsuman
 
CCNA presentation.
Ajaigururaj R
 
Cisco router configuration tutorial
IT Tech
 
Modes of router
Er. Anmol Bhagat
 
ITN_Module_10.pptx gfhfdgsrfryrenikerrtvbter
crystaljhoyl
 
Detailed explanation of Basic router configuration
samreenghauri786
 
04- Module Operating & Configuring IOS.ppt
qaiserfareedjadoon2
 
Ccna command
Sudhir Maherwal
 
CCNA at a glance
Vikas Raut
 
operating and configuring cisco a cisco IOS device
scooby_doo
 
Aula04 - configuração da topologia ppp - resolvido
Carlos Veiga
 
04 module operating & configuring ios
Asif
 
Day 5.2 startingarouter
CYBERINTELLIGENTS
 
CCNA ALL IN ONE
Sripati Mahapatra
 
cisco Network Associates Notes +++++++++
ssclengineer2025
 
4040187-Ccna-Notes.pptslide share scam side
santoshp1925
 
4040187-Ccna-Notes.pptnotew for all users
santoshp1925
 
CCNA ppt Day 4
VISHNU N
 
Ad

More from GLC Networks (20)

PDF
Firewall mangle PBR: steering outbound path similar to inbound
GLC Networks
 
PDF
Internal BGP tuning: Mesh peering to avoid loop
GLC Networks
 
PDF
BGP tuning: Peer with loopback
GLC Networks
 
PDF
BGP security tuning: pull-up route
GLC Networks
 
PDF
BGP troubleshooting: route origin
GLC Networks
 
PDF
Steering traffic in OSPF: Interface cost
GLC Networks
 
PDF
Tuning OSPF: Bidirectional Forwarding Detection (BFD)
GLC Networks
 
PDF
Tuning OSPF: Prefix Aggregate
GLC Networks
 
PDF
Tuning OSPF: area hierarchy, LSA, and area type
GLC Networks
 
PDF
Stable OSPF: choosing network type.pdf
GLC Networks
 
PDF
Controlling Access Between Devices in the same Layer 2 Segment
GLC Networks
 
PDF
GIT as Mikrotik Configuration Management
GLC Networks
 
PDF
RouterOS Migration From v6 to v7
GLC Networks
 
PDF
Policy Based Routing with Indirect BGP - Part 2
GLC Networks
 
PDF
Policy Based Routing with Indirect BGP - Part 1
GLC Networks
 
PPTX
Automatic Backup via FTP - Part 2
GLC Networks
 
PDF
Voice Services, From Circuit Switch to VoIP
GLC Networks
 
PDF
MPLS on Router OS V7 - Part 2
GLC Networks
 
PDF
BGP on RouterOS7 - Part 2
GLC Networks
 
PDF
OSPF On Router OS7 - Part 2
GLC Networks
 
Firewall mangle PBR: steering outbound path similar to inbound
GLC Networks
 
Internal BGP tuning: Mesh peering to avoid loop
GLC Networks
 
BGP tuning: Peer with loopback
GLC Networks
 
BGP security tuning: pull-up route
GLC Networks
 
BGP troubleshooting: route origin
GLC Networks
 
Steering traffic in OSPF: Interface cost
GLC Networks
 
Tuning OSPF: Bidirectional Forwarding Detection (BFD)
GLC Networks
 
Tuning OSPF: Prefix Aggregate
GLC Networks
 
Tuning OSPF: area hierarchy, LSA, and area type
GLC Networks
 
Stable OSPF: choosing network type.pdf
GLC Networks
 
Controlling Access Between Devices in the same Layer 2 Segment
GLC Networks
 
GIT as Mikrotik Configuration Management
GLC Networks
 
RouterOS Migration From v6 to v7
GLC Networks
 
Policy Based Routing with Indirect BGP - Part 2
GLC Networks
 
Policy Based Routing with Indirect BGP - Part 1
GLC Networks
 
Automatic Backup via FTP - Part 2
GLC Networks
 
Voice Services, From Circuit Switch to VoIP
GLC Networks
 
MPLS on Router OS V7 - Part 2
GLC Networks
 
BGP on RouterOS7 - Part 2
GLC Networks
 
OSPF On Router OS7 - Part 2
GLC Networks
 
Ad

Recently uploaded (20)

PPTX
Building a Production-Ready Barts Health Secure Data Environment Tooling, Acc...
Barts Health
 
PPTX
WooCommerce Workshop: Bring Your Laptop
Laura Hartwig
 
PDF
Empower Inclusion Through Accessible Java Applications
Ana-Maria Mihalceanu
 
PDF
Women in Automation Presents: Reinventing Yourself — Bold Career Pivots That ...
DianaGray10
 
PDF
Meetup Kickoff & Welcome - Rohit Yadav, CSIUG Chairman
ShapeBlue
 
PDF
DevBcn - Building 10x Organizations Using Modern Productivity Metrics
Justin Reock
 
PDF
Wojciech Ciemski for Top Cyber News MAGAZINE. June 2025
Dr. Ludmila Morozova-Buss
 
PDF
Building Resilience with Digital Twins : Lessons from Korea
SANGHEE SHIN
 
PPTX
Top iOS App Development Company in the USA for Innovative Apps
SynapseIndia
 
PDF
Français Patch Tuesday - Juillet
Ivanti
 
PDF
HCIP-Data Center Facility Deployment V2.0 Training Material (Without Remarks ...
mcastillo49
 
PPTX
Darren Mills The Migration Modernization Balancing Act: Navigating Risks and...
AWS Chicago
 
PDF
Blockchain Transactions Explained For Everyone
CIFDAQ
 
PDF
Complete JavaScript Notes: From Basics to Advanced Concepts.pdf
haydendavispro
 
PDF
Ampere Offers Energy-Efficient Future For AI And Cloud
ShapeBlue
 
PDF
Smart Air Quality Monitoring with Serrax AQM190 LITE
SERRAX TECHNOLOGIES LLP
 
PPTX
Building and Operating a Private Cloud with CloudStack and LINBIT CloudStack ...
ShapeBlue
 
PDF
SFWelly Summer 25 Release Highlights July 2025
Anna Loughnan Colquhoun
 
PDF
CIFDAQ Weekly Market Wrap for 11th July 2025
CIFDAQ
 
PDF
Apache CloudStack 201: Let's Design & Build an IaaS Cloud
ShapeBlue
 
Building a Production-Ready Barts Health Secure Data Environment Tooling, Acc...
Barts Health
 
WooCommerce Workshop: Bring Your Laptop
Laura Hartwig
 
Empower Inclusion Through Accessible Java Applications
Ana-Maria Mihalceanu
 
Women in Automation Presents: Reinventing Yourself — Bold Career Pivots That ...
DianaGray10
 
Meetup Kickoff & Welcome - Rohit Yadav, CSIUG Chairman
ShapeBlue
 
DevBcn - Building 10x Organizations Using Modern Productivity Metrics
Justin Reock
 
Wojciech Ciemski for Top Cyber News MAGAZINE. June 2025
Dr. Ludmila Morozova-Buss
 
Building Resilience with Digital Twins : Lessons from Korea
SANGHEE SHIN
 
Top iOS App Development Company in the USA for Innovative Apps
SynapseIndia
 
Français Patch Tuesday - Juillet
Ivanti
 
HCIP-Data Center Facility Deployment V2.0 Training Material (Without Remarks ...
mcastillo49
 
Darren Mills The Migration Modernization Balancing Act: Navigating Risks and...
AWS Chicago
 
Blockchain Transactions Explained For Everyone
CIFDAQ
 
Complete JavaScript Notes: From Basics to Advanced Concepts.pdf
haydendavispro
 
Ampere Offers Energy-Efficient Future For AI And Cloud
ShapeBlue
 
Smart Air Quality Monitoring with Serrax AQM190 LITE
SERRAX TECHNOLOGIES LLP
 
Building and Operating a Private Cloud with CloudStack and LINBIT CloudStack ...
ShapeBlue
 
SFWelly Summer 25 Release Highlights July 2025
Anna Loughnan Colquhoun
 
CIFDAQ Weekly Market Wrap for 11th July 2025
CIFDAQ
 
Apache CloudStack 201: Let's Design & Build an IaaS Cloud
ShapeBlue
 

CCNA : Intro to Cisco IOS - Part 2

  • 1. CCNA : Intro To Cisco IOS Lab Practice
  • 2. Profile Nama : M. Taufik Nurhuda Pekerjaan : Guru TKJ, IT Support, Mikrotik Academy Trainer SMK Pelita Pesawaran Facebook : https://www.facebook.com/taufik.nurhuda.5/ LinkedIn : https://www.linkedin.com/in/taufik-nurhuda-5224b1180/ Website : www.taufiknurhuda.web.id
  • 3. Topic Discussion ● Basic Mode ● How To Access IOS Cisco Router/Switch ● Configure Initial Setting on IOS Cisco Router/Switch ● Interface Configuration ● Display Config ● Edit/Remove Config ● Configure Telnet/SSH Remote ● Backup & Restore Config ● IOS vs Mikrotik Syntax
  • 4. IOS Mode ● Setup ○ This mode appear when the NVRAM router/switch is empty or not have configuration. ● User Mode ○ For Monitoring Only (limited show, ping, traceroute) ○ Marked by : Router> ● Privileges Mode ○ There are several command for monitoring and troubleshooting (show, ping, copy, trace, erase) ○ Marked by : Router# ● Global Configuration Mode ○ For Configuration Cisco IOS router/switch ○ Marked by : Router(config)# ● Interface Mode ○ For interface / ip configuration ○ Marked by : Router(config-if)#
  • 5. Configuration Access ● Using Console ○ Console Cable to USB/RJ45 ○ Remote console with Putty (Windows OS) and minicom -s (Linux OS) ● Remote Access (Need for IP Address) ○ Telnet ○ SSH
  • 6. Basic Configuration ● IOS Login ○ User mode to Privileges mode Router> enable Router# ○ Privileges mode to Global config mode Router#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)# ● Hostname ○ Router(config)# hostname ROUTER-ME ○ ROUTER-ME(config)# ● Disable DNS Lookup ○ ROUTER-ME(config)# no ip domain-lookup ○ ROUTER-ME(config)#
  • 7. Basic Configuration ● Secure Privileges Mode ○ ROUTER-ME(config)#enable secret mypass ○ ROUTER-ME(config)#exit TEST THE CONFIGURATION : ○ ROUTER-ME>enable ○ Password: ->enter_the_password ○ ROUTER-ME# ● Secure Global Config Mode ○ ROUTER-ME(config)#line console 0 ○ ROUTER-ME(config-line)# password pass123 ○ ROUTER-ME(config-line)# login ○ ROUTER-ME(config-line)# TEST THE CONFIGURATION ○ User Access Verification ○ Password: ->enter the password ○ ROUTER-ME>
  • 8. Basic Configuration ● Secure Remote access Telnet/SSH (VTY Password) ○ ROUTER-ME(config)# line vty 0 4 ○ ROUTER-ME(config-line)# password mypass ○ ROUTER-ME(config-line)# login ○ ROUTER-ME(config-line)# exit ○ ROUTER-ME(config)# ● Encrypt All Plaintext passwords ○ ROUTER-ME(config)#service password-encryption ○ ROUTER-ME(config)# ● Provide Legal Notification on Cisco IOS (MOTD) ○ ROUTER-ME(config)#banner motd "THIS IS MY ROUTER" TEST THE CONFIGURATION : Press RETURN to get started! THIS IS MY ROUTER User Access Verification Password: ● Save the configuration ○ ROUTER-ME#copy running-config startup-config ○ Destination filename [startup-config]? PressEnter ○ Building configuration... ○ [OK]
  • 9. Interface Configuration ● IP configuration ○ ROUTER-ME(config)#interface gig0/0/0 ○ ROUTER-ME(config-if)#ip address 192.168.10.1 255.255.255.0 ● Interface description ○ ROUTER-ME(config-if)#description "Interface for LAN Networks" ● Enable Interface ○ ROUTER-ME(config-if)#no shutdown ○ ROUTER-ME(config-if)# ○ %LINK-5-CHANGED: Interface GigabitEthernet0/0/0, changed state to up ○ %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0/0, changed state to up ○ ROUTER-ME(config-if)# ● For Disable Interface use command : ○ ROUTER-ME(config-if)# shutdown
  • 10. Display Config ● Show full configuration ○ ROUTER-ME#show running-config ○ Building configuration... ○ ○ Current configuration : 850 bytes ○ ! ○ version 16.6.4 ○ no service timestamps log datetime msec ○ no service timestamps debug datetime msec ○ service password-encryption ○ ! ○ hostname ROUTER-ME ○ ! ○ enable secret 5 $1$mERr$OP8FVb8wv5vae/zbiXUkx/ ○ ! ○ ip cef ○ no ipv6 cef ○ ! ○ spanning-tree mode pvst ! ○ interface GigabitEthernet0/0/0 ○ description "Interface for LAN Networks" ○ ip address 192.168.10.1 255.255.255.0 ○ duplex auto ○ speed auto ○ !
  • 11. Display Config ● Show summary interface information ○ ROUTER-ME#show ip interface brief ○ Interface IP-Address OK? Method Status Protocol ○ GigabitEthernet0/0/0 192.168.10.1 YES manual up up ○ GigabitEthernet0/0/1 unassigned YES unset administratively down down ○ GigabitEthernet0/0/2 unassigned YES unset administratively down down ○ Vlan1 unassigned YES unset administratively down down ○ ROUTER-ME#
  • 12. Display Config ● Using do command for show config ○ ROUTER-ME(config)#do show ip interface brief ○ Interface IP-Address OK? Method Status Protocol ○ GigabitEthernet0/0/0 192.168.10.1 YES manual up up ○ GigabitEthernet0/0/1 unassigned YES unset administratively down down ○ GigabitEthernet0/0/2 unassigned YES unset administratively down down ○ Vlan1 unassigned YES unset administratively down down ○ ROUTER-ME(config)#do copy running-config startup-config ○ Destination filename [startup-config]? ○ Building configuration... ○ [OK] ○ ROUTER-ME(config)#
  • 13. Edit/Remove Config ● Edit IP address configuration ○ ROUTER-ME(config)#do show ip int brief ○ Interface IP-Address OK? Method Status Protocol ○ GigabitEthernet0/0/0 192.168.10.1 YES manual up up ○ GigabitEthernet0/0/1 unassigned YES unset administratively down down ○ GigabitEthernet0/0/2 unassigned YES unset administratively down down ○ Vlan1 unassigned YES unset administratively down down ○ ROUTER-ME(config)#int gig0/0/0 ○ ROUTER-ME(config-if)#ip add 192.168.20.1 255.255.255.0 ○ ROUTER-ME(config-if)#exit ○ ROUTER-ME(config)#do show ip int brief ○ Interface IP-Address OK? Method Status Protocol ○ GigabitEthernet0/0/0 192.168.20.1 YES manual up up ○ GigabitEthernet0/0/1 unassigned YES unset administratively down down ○ GigabitEthernet0/0/2 unassigned YES unset administratively down down ○ Vlan1 unassigned YES unset administratively down down ○ ROUTER-ME(config)#
  • 14. Edit/Remove Config ● Remove IP Address configuration ○ ROUTER-ME(config)# do show ip int brief ○ Interface IP-Address OK? Method Status Protocol ○ GigabitEthernet0/0/0 192.168.20.1 YES manual up up ○ GigabitEthernet0/0/1 unassigned YES unset administratively down down ○ GigabitEthernet0/0/2 unassigned YES unset administratively down down ○ Vlan1 unassigned YES unset administratively down down ○ ROUTER-ME(config)# int gig0/0/0 ○ ROUTER-ME(config-if)# no ip add 192.168.20.1 255.255.255.0 ○ ROUTER-ME(config-if)# exit ○ ROUTER-ME(config)# do show ip int brief ○ Interface IP-Address OK? Method Status Protocol ○ GigabitEthernet0/0/0 unassigned YES manual up up ○ GigabitEthernet0/0/1 unassigned YES unset administratively down down ○ GigabitEthernet0/0/2 unassigned YES unset administratively down down ○ Vlan1 unassigned YES unset administratively down down ○ ROUTER-ME(config)#
  • 15. Configure Telnet Remote ● For access Telnet/SSH you must configure privileges password using enable password or enable secret command first ● Configure VTY Password ● Test connect from client C:>telnet 192.168.10.1 Trying 192.168.10.1 ...OpenTHIS IS MY ROUTER User Access Verification Password: ->EnterVTYPassword ROUTER-ME>enable Password: ROUTER-ME#
  • 16. Configure SSH Remote ● Configure domain router ● Configure username and password login ● Configure transport input ssh on line vty ● Generate Crypto key rsa 1024 ○ ROUTER-ME(config)#ip domain-name taufik.net ○ ROUTER-ME(config)#username taufik secret taufikpass ○ ROUTER-ME(config)#line vty 0 4 ○ ROUTER-ME(config-line)# transport input ssh ○ ROUTER-ME(config-line)# login local ○ ROUTER-ME(config-line)# exit ○ ROUTER-ME(config)#crypto key generate rsa ○ The name for the keys will be: ROUTER-ME.taufik.net ○ Choose the size of the key modulus in the range of 360 to 2048 for your ○ General Purpose Keys. Choosing a key modulus greater than 512 may take ○ a few minutes. ○ How many bits in the modulus [512]: 1024 ○ % Generating 1024 bit RSA keys, keys will be non-exportable...[OK] ○ ROUTER-ME(config)#
  • 17. Backup & Restore Config ● Backup configuration ● Make sure your router can connected to TFTP Server and enable TFTP Server. ● Setting Backup from router/switch. ROUTER-ME#copy running-config tftp: Address or name of remote host []? 192.168.50.2 <-IP Server TFTP Destination filename [ROUTER-ME-confg]?<-PressEnter Writing running-config....!! [OK - 785 bytes] 785 bytes copied in 3.004 secs (261 bytes/sec) ROUTER-ME#
  • 18. Cek Backup file from TFTP Server
  • 19. Backup & Restore Config ● Reset configuration ○ ROUTER-ME#write erase ○ Erasing the nvram filesystem will remove all configuration files! Continue? [confirm] ○ [OK] ○ Erase of nvram: complete ○ %SYS-7-NV_BLOCK_INIT: Initialized the geometry of nvram ○ ROUTER-ME#reload ○ Proceed with reload? [confirm]
  • 20. Backup & Restore Config ● Restore configuration Router#copy tftp: running-config Address or name of remote host []? 192.168.50.2 <-IPTFTPSERVER Source filename []? ROUTER-ME-config <-SourceFileBackupName Destination filename [running-config]? <-PressEnter Accessing tftp://192.168.50.2/ROUTER-ME-config... %Error opening tftp://192.168.50.2/ROUTER-ME-config (No such file or directory) Router#copy tftp: running-config Address or name of remote host []? 192.168.50.2 Source filename []? ROUTER-ME-confg Destination filename [running-config]? Accessing tftp://192.168.50.2/ROUTER-ME-confg... Loading ROUTER-ME-confg from 192.168.50.2: ! [OK - 785 bytes] 785 bytes copied in 0 secs ROUTER-ME#
  • 21. Cisco IOS vs Mikrotik RouterOS Syntax ● Add ip address on interface ● Add route/Default Gateway
  • 22. Cisco IOS vs Mikrotik RouterOS Syntax ● Reset Configuration
  • 23. Cisco IOS vs Mikrotik RouterOS Remote Access ● Mikrotik ○ IP Address Based (winbox, Webfig, Telnet,SSH,FTP) ○ Mac Address (Neighbors) ● Cisco ○ IP Address (Telnet,SSH)