Webinar topic: CCNA : Intro to Cisco IOS
Presenter: Achmad Mardiansyah, M. Taufik Nurhuda
In this webinar series, CCNA : Intro to Cisco IOS
Please share your feedback or webinar ideas here: http://bit.ly/glcfeedback
Check our schedule for future events: https://www.glcnetworks.com/en/schedule/
Follow our social media for updates: Facebook, Instagram, YouTube Channel, and telegram also discord
Recording available on Youtube
https://youtu.be/uRDTRlslZtc
4. IOS Mode
● Setup
○ This mode appear when the NVRAM router/switch is empty or not have configuration.
● User Mode
○ For Monitoring Only (limited show, ping, traceroute)
○ Marked by : Router>
● Privileges Mode
○ There are several command for monitoring and troubleshooting (show, ping, copy, trace,
erase)
○ Marked by : Router#
● Global Configuration Mode
○ For Configuration Cisco IOS router/switch
○ Marked by : Router(config)#
● Interface Mode
○ For interface / ip configuration
○ Marked by : Router(config-if)#
5. Configuration Access
● Using Console
○ Console Cable to USB/RJ45
○ Remote console with Putty (Windows OS) and minicom -s (Linux OS)
● Remote Access (Need for IP Address)
○ Telnet
○ SSH
6. Basic Configuration
● IOS Login
○ User mode to Privileges mode
Router> enable
Router#
○ Privileges mode to Global config mode
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#
● Hostname
○ Router(config)#
hostname ROUTER-ME
○ ROUTER-ME(config)#
● Disable DNS Lookup
○ ROUTER-ME(config)#
no ip domain-lookup
○ ROUTER-ME(config)#
7. Basic Configuration
● Secure Privileges Mode
○ ROUTER-ME(config)#enable secret mypass
○ ROUTER-ME(config)#exit
TEST THE CONFIGURATION :
○ ROUTER-ME>enable
○ Password: ->enter_the_password
○ ROUTER-ME#
● Secure Global Config Mode
○ ROUTER-ME(config)#line console 0
○ ROUTER-ME(config-line)# password pass123
○ ROUTER-ME(config-line)# login
○ ROUTER-ME(config-line)#
TEST THE CONFIGURATION
○ User Access Verification
○ Password: ->enter the password
○ ROUTER-ME>
8. Basic Configuration
● Secure Remote access Telnet/SSH (VTY Password)
○ ROUTER-ME(config)#
line vty 0 4
○ ROUTER-ME(config-line)#
password mypass
○ ROUTER-ME(config-line)#
login
○ ROUTER-ME(config-line)#
exit
○ ROUTER-ME(config)#
● Encrypt All Plaintext passwords
○ ROUTER-ME(config)#service password-encryption
○ ROUTER-ME(config)#
● Provide Legal Notification on Cisco IOS (MOTD)
○ ROUTER-ME(config)#banner motd "THIS IS MY ROUTER"
TEST THE CONFIGURATION :
Press RETURN to get started!
THIS IS MY ROUTER
User Access Verification
Password:
● Save the configuration
○ ROUTER-ME#copy running-config startup-config
○ Destination filename [startup-config]? PressEnter
○ Building configuration...
○ [OK]
9. Interface Configuration
● IP configuration
○ ROUTER-ME(config)#interface gig0/0/0
○ ROUTER-ME(config-if)#ip address 192.168.10.1 255.255.255.0
● Interface description
○ ROUTER-ME(config-if)#description "Interface for LAN Networks"
● Enable Interface
○ ROUTER-ME(config-if)#no shutdown
○ ROUTER-ME(config-if)#
○ %LINK-5-CHANGED: Interface GigabitEthernet0/0/0, changed state to up
○ %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0/0, changed
state to up
○ ROUTER-ME(config-if)#
● For Disable Interface use command :
○ ROUTER-ME(config-if)# shutdown
10. Display Config
● Show full configuration
○ ROUTER-ME#show running-config
○ Building configuration...
○
○ Current configuration : 850 bytes
○ !
○ version 16.6.4
○ no service timestamps log datetime msec
○ no service timestamps debug datetime msec
○ service password-encryption
○ !
○ hostname ROUTER-ME
○ !
○ enable secret 5 $1$mERr$OP8FVb8wv5vae/zbiXUkx/
○ !
○ ip cef
○ no ipv6 cef
○ !
○ spanning-tree mode pvst
!
○ interface GigabitEthernet0/0/0
○ description "Interface for LAN Networks"
○ ip address 192.168.10.1 255.255.255.0
○ duplex auto
○ speed auto
○ !
11. Display Config
● Show summary interface information
○ ROUTER-ME#show ip interface brief
○ Interface IP-Address OK? Method Status
Protocol
○ GigabitEthernet0/0/0 192.168.10.1 YES manual up
up
○ GigabitEthernet0/0/1 unassigned YES unset administratively
down down
○ GigabitEthernet0/0/2 unassigned YES unset administratively
down down
○ Vlan1 unassigned YES unset administratively
down down
○ ROUTER-ME#
12. Display Config
● Using do command for show config
○ ROUTER-ME(config)#do show ip interface brief
○ Interface IP-Address OK? Method Status
Protocol
○ GigabitEthernet0/0/0 192.168.10.1 YES manual up up
○ GigabitEthernet0/0/1 unassigned YES unset administratively down down
○ GigabitEthernet0/0/2 unassigned YES unset administratively down down
○ Vlan1 unassigned YES unset administratively down down
○ ROUTER-ME(config)#do copy running-config startup-config
○ Destination filename [startup-config]?
○ Building configuration...
○ [OK]
○ ROUTER-ME(config)#
13. Edit/Remove Config
● Edit IP address configuration
○ ROUTER-ME(config)#do show ip int brief
○ Interface IP-Address OK? Method Status Protocol
○ GigabitEthernet0/0/0 192.168.10.1 YES manual up up
○ GigabitEthernet0/0/1 unassigned YES unset administratively down down
○ GigabitEthernet0/0/2 unassigned YES unset administratively down down
○ Vlan1 unassigned YES unset administratively down down
○ ROUTER-ME(config)#int gig0/0/0
○ ROUTER-ME(config-if)#ip add 192.168.20.1 255.255.255.0
○ ROUTER-ME(config-if)#exit
○ ROUTER-ME(config)#do show ip int brief
○ Interface IP-Address OK? Method Status Protocol
○ GigabitEthernet0/0/0 192.168.20.1 YES manual up up
○ GigabitEthernet0/0/1 unassigned YES unset administratively down down
○ GigabitEthernet0/0/2 unassigned YES unset administratively down down
○ Vlan1 unassigned YES unset administratively down down
○ ROUTER-ME(config)#
14. Edit/Remove Config
● Remove IP Address configuration
○ ROUTER-ME(config)# do show ip int brief
○ Interface IP-Address OK? Method Status Protocol
○ GigabitEthernet0/0/0 192.168.20.1 YES manual up up
○ GigabitEthernet0/0/1 unassigned YES unset administratively down down
○ GigabitEthernet0/0/2 unassigned YES unset administratively down down
○ Vlan1 unassigned YES unset administratively down down
○ ROUTER-ME(config)# int gig0/0/0
○ ROUTER-ME(config-if)# no ip add 192.168.20.1 255.255.255.0
○ ROUTER-ME(config-if)# exit
○ ROUTER-ME(config)# do show ip int brief
○ Interface IP-Address OK? Method Status Protocol
○ GigabitEthernet0/0/0 unassigned YES manual up up
○ GigabitEthernet0/0/1 unassigned YES unset administratively down down
○ GigabitEthernet0/0/2 unassigned YES unset administratively down down
○ Vlan1 unassigned YES unset administratively down down
○ ROUTER-ME(config)#
15. Configure Telnet Remote
● For access Telnet/SSH you must configure privileges password using enable password or enable
secret command first
● Configure VTY Password
● Test connect from client
C:>telnet 192.168.10.1
Trying 192.168.10.1 ...OpenTHIS IS MY ROUTER
User Access Verification
Password: ->EnterVTYPassword
ROUTER-ME>enable
Password:
ROUTER-ME#
16. Configure SSH Remote
● Configure domain router
● Configure username and password login
● Configure transport input ssh on line vty
● Generate Crypto key rsa 1024
○ ROUTER-ME(config)#ip domain-name taufik.net
○ ROUTER-ME(config)#username taufik secret taufikpass
○ ROUTER-ME(config)#line vty 0 4
○ ROUTER-ME(config-line)# transport input ssh
○ ROUTER-ME(config-line)# login local
○ ROUTER-ME(config-line)# exit
○ ROUTER-ME(config)#crypto key generate rsa
○ The name for the keys will be: ROUTER-ME.taufik.net
○ Choose the size of the key modulus in the range of 360 to 2048 for your
○ General Purpose Keys. Choosing a key modulus greater than 512 may take
○ a few minutes.
○ How many bits in the modulus [512]: 1024
○ % Generating 1024 bit RSA keys, keys will be non-exportable...[OK]
○ ROUTER-ME(config)#
17. Backup & Restore Config
● Backup configuration
● Make sure your router can connected to TFTP Server and enable TFTP Server.
● Setting Backup from router/switch.
ROUTER-ME#copy running-config tftp:
Address or name of remote host []? 192.168.50.2 <-IP Server TFTP
Destination filename [ROUTER-ME-confg]?<-PressEnter
Writing running-config....!!
[OK - 785 bytes]
785 bytes copied in 3.004 secs (261 bytes/sec)
ROUTER-ME#