Pages

Jun 30, 2010

Static routing

Here an example on how to connect routers using static routing, in this example I only use 2 routers (Router A and Router B) and have 3 networks, first one is the Router A LAN network (192.168.1.0/24), second is Router B LAN network (192.168.2.0/24) and the third network is the connection between router A and B which is (192.168.3.0/252). Below shown the network topology



in order routers to routes packets, routers save the network destination in routing table. By default, the network that is directly connected to the router is automatically saved in the routing table of the router.

For router A,network 192.168.1.0/24 and network 192.168.3.0/252 are directly connected to the router A, so these two network does not have to be add in the ip route of router A. Network 192.168.2.0/24 is not directly connected to router A, therefore we want to add this network into routing table of Router A. So, to do so, enter cli of Router A then execute this command:

RouterA(config)#ip route 192.168.2.0 255.255.255.0 192.168.3.2
RouterA(config)#ip default-network 192.168.2.0

explaination:

RouterA(config)#ip route [network that we wanna add in routing table] [its subnet mask] [the exit interface ip address of the router that are connected to the network we want to add in routing table]

RouterA(config)#ip default-network [network that we wanna add in routing table] .

Then for RouterB, the network that is not directly connected to it is the network 192.168.1.0/24. Therefore we have to add this network into the routing table of RouterB, enter this command:

RouterB(config)#ip route 192.168.1.0 255.255.255.0 192.168.3.1
RouterB(config)#ip default-network 192.168.1.0

the explaination is same as the RouterA.

Alternatively, you can give the name of the exit interface of the router(refer to the topology above):

RouterA(config)#ip route 192.168.2.0 255.255.255.0 fa0/0

RouterB(config)#ip route 192.168.1.0 255.255.255.0 fa0/0

Now, ping between PC in network 192.168.1.0/24 with 192.168.2.0/24 should be successful.
Static routing is not the only way to connect routers and routes the packets from different network, alternatively you could do dynamic routing that consist of EIGRP,BGP,OSPF and few others.
Posted by muadzwank at 11:32 PM 0 comments
Labels: ,

enable multiple users on cisco ios

Here is an example on how to create multiple users with its specified privilege level. In this example, I create 2 users which are:

1.admin - privilege 15
2.support - privilege 2

admin have privilege 15 because he is super user, he can configure and execute command, while support have privilege 2, we want to restrict access of privilege 2 which he cannot execute command, he can only show specific configuration which has been configured for the level 2 privilege.

So, first step we have to create a login name,the privilege level(15) and the password for the admin:

cisco(config)#username admin privilege 15 secret cisco.

im using secret command for encrypt the password . Then, to enable the CLI to prompt the login and password each time you want to access the device,execute this command:

cisco(config)#line console 0
cisco(config-if)#login local

After that, I create the level 2 access privilege, in this example, I want support users only able to show running config command and only certain details specified to the sh running config command will appear.

cisco(config)#privilege exec level 2 show running-config
cisco(config)#privilege conf level 2 router
cisco(config)#privilege conf level 2 hostname
cisco(config)#privilege conf level 2 interface
cisco(config)#privilege interface level 2 ip add

Then,still in admin privilege, I create user named support and assign it to privilege 2 and its password using secret,here the command:

cisco(config)#username support privilege 2 secret cisco

Lastly, exit admin and login into user support and try the command sh run, the show run will only display the details that I have specified earlier . Try enter command config t, you will cannot enter the config t mode.

save running config, command wr.
Posted by muadzwank at 8:25 PM 0 comments
Labels: ,

Jun 22, 2010

Enable username and password on cisco switches & routers

To enable username and password each time user want to login into the devices:

switch(config)#username user password pass
-create the username and password for the devices
switch(config)#aaa new model
switch(config)#authentication login default local
-enable the switch to prompt the username and password to be fill in when user want to access into the devices.


user will be prompt to fill in username and password when accessing the device.
Posted by muadzwank at 8:53 PM 0 comments
Labels: ,

Jun 14, 2010

Configure DHCP on cisco router

Examlpe on how to setup a simple DHCP on router,this would become very useful when configuring dynamic ip address to end devices.

Router>en
Router#conf t
Router(config)#ip dhcp excluded-address 192.168.1.1 192.168.1.5
--excluded this address from being lease by the
--router(range from 192.168.1.1 - 192.168.1.5)
Router(config)#ip dhcp pool OFFICE
--create dhcp pool with its name
Router(dhcp-config)#network 192.168.1.0 255.255.255.0
--specify network and network mask
Router(dhcp-config)#default-router 192.168.1.1
--set the default gateway for the network
Router#sh ip dhcp binding
IP address Client-ID/ Lease expiration Type
Hardware address
192.168.1.3 000D.BDA7.0CBC -- Automatic
192.168.1.2 000D.BDDD.29C2 -- Automatic
192.168.1.4 0000.0CAB.97C7 -- Automatic
192.168.1.5 0001.C767.28A7 -- Automatic
192.168.1.6 000A.F390.024A -- Automatic
-show the dhcp configuration
Posted by muadzwank at 7:12 AM 0 comments
Labels:
Subscribe to: Posts (Atom)
Related Posts with Thumbnails