Presentation is loading. Please wait.

Presentation is loading. Please wait.

2010 Cisco Configuration Elements APRICOT 2010 Kuala Lumpur, Malaysia.

Published byMarlene Lamb Modified over 9 years ago

Similar presentations

Presentation on theme: "2010 Cisco Configuration Elements APRICOT 2010 Kuala Lumpur, Malaysia."— Presentation transcript:

1 nsrc@apricot 2010 Cisco Configuration Elements APRICOT 2010 Kuala Lumpur, Malaysia

2 nsrc@apricot 2010 Overview Basic things that we need to make sure are configured on a Cisco router (and switch) to do proper network management These apply to other network equipment manufacturers of course, and to servers and workstations

3 nsrc@apricot 2010 Hostname:Hostname of the device SSH:Enable Secure SHell DNS:Domain Name Lookup NTP:Time synchronization (Network Time Protocol) Syslog:System log messages SNMP:SNMP configuration SNMP traps:Where to send traps CDP:Cisco Discovery Protocol Elements

4 nsrc@apricot 2010 Access the router 1.ssh user@router 2.You are in “user mode” rtr> 3.If you’re user has the privileges, go to “privileged mode” rtr>enable (might need pw) rtr#conf t rtr(config)# 4.Type in configuration commands. 5.Exit and save/build your new configuration rtr(config)#exit rtr#wr mem

5 nsrc@apricot 2010 Preferably we use the FQDN (Fully Qualified Domain Name). In config mode on the router rtr(config)#hostname net-gw.XYZ.domain.name or rtr(config)#hostname net-sw-XYZ.domain.name Hostname

6 nsrc@apricot 2010 In config mode on the router: ip domain-name.mgmt.conference.apricot.net ip name-server 169.223.142.3 DNS configuration

7 nsrc@apricot 2010 In config mode: ntp server pool.ntp.org clock timezone EEST 3 If needed: clock summer-time XXX recurring \ last Sun Mar 2:00 last Sun Oct \ 3:00 Verify: rtr>show clock NTP + time configuration

8 nsrc@apricot 2010 Only crypto version of IOS/CatOS have support for SSH – there are export restrictions... In config mode: rtr#aa new-model rtr#crypto key generate rsa rtr# username inst secret 0 xxxxxx …above is required to be allowed to enable SSH. Verify creation with: sh crypto key mypubkey rsa Use at least 768 bits - OpenSSH requires it SSH

9 nsrc@apricot 2010 Enforce ssh (disabling telnet) on vty lines rtr#conf t rtr(config)#line vty 0 4 rtr(config)#transport input ssh rtr(config)#^Z (“exit” completely) rtr#wr mem SSH is now enabled Telnet is not necessary disabled! - Use ACLs to be sure of this SSH continued

10 nsrc@apricot 2010 In config mode, enable logging to your NOC machine (X is your network) rtr(config)#logging 192.168.X.1 rtr(config)#logging facility local5 rtr(config)#logging trap debugging Syslog

11 nsrc@apricot 2010 In config mode: # snmp-server community xxxxxxxxx RW # snmp-server community public RO # snmp-server location KL # snmp-server enable traps config # snmp-server enable traps envmon # snmp-server enable traps config-copy # snmp-server enable traps syslog # snmp-server host 169.223.142.x public SNMP

12 nsrc@apricot 2010 Cisco Discovery Protocol Enabled by default nowadays in current IOS versions. Otherwise, enable with ”cdp enable” or ”cdp run” in configure mode on your router. tcpdump and tools like cdpr will show you CDP announcements check neighbor announcement with: rtr>show cdp neighbors CDP

13 nsrc@apricot 2010 ? Questions?

Download ppt "2010 Cisco Configuration Elements APRICOT 2010 Kuala Lumpur, Malaysia."

Similar presentations

© 2003, Cisco Systems, Inc. All rights reserved..

© 2003, Cisco Systems, Inc. All rights reserved..
Managing Cisco IOS Software. Overview The router boot sequence Locating IOS software The configuration register Recovering Passwords Backing Up the Cisco.

Managing Cisco IOS Software. Overview The router boot sequence Locating IOS software The configuration register Recovering Passwords Backing Up the Cisco.
Cisco Device Hardening Disabling Unused Cisco Router Network Services and Interfaces.

Cisco Device Hardening Disabling Unused Cisco Router Network Services and Interfaces.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 8: Monitoring the Network Connecting Networks.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 8: Monitoring the Network Connecting Networks.
Securing the Router Chris Cunningham.

Securing the Router Chris Cunningham.
CCNA2-1 Chapter 1 Introduction to Routing and Packet Forwarding CLI Configuration and Addressing.

CCNA2-1 Chapter 1 Introduction to Routing and Packet Forwarding CLI Configuration and Addressing.
CCNA2 Module 4. Discovering and Connecting to Neighbors Enable and disable CDP Use the show cdp neighbors command Determine which neighboring devices.

CCNA2 Module 4. Discovering and Connecting to Neighbors Enable and disable CDP Use the show cdp neighbors command Determine which neighboring devices.
1 Semester 2 Module 4 Learning about Other Devices Yuda college of business James Chen

1 Semester 2 Module 4 Learning about Other Devices Yuda college of business James Chen
Managing Your Network Environment © 2004 Cisco Systems, Inc. All rights reserved. Managing Cisco IOS Devices INTRO v2.0—9-1.

Managing Your Network Environment © 2004 Cisco Systems, Inc. All rights reserved. Managing Cisco IOS Devices INTRO v2.0—9-1.
Implementing a Highly Available Network

Implementing a Highly Available Network
1 CCNA 2 v3.1 Module 4. 2 CCNA 2 Module 4 Learning about Devices.

1 CCNA 2 v3.1 Module 4. 2 CCNA 2 Module 4 Learning about Devices.
Introduction to the Cisco IOS

Introduction to the Cisco IOS
© 2007 Cisco Systems, Inc. All rights reserved.ISCW-Mod5_L8 1 Implementing Secure Converged Wide Area Networks (ISCW)

© 2007 Cisco Systems, Inc. All rights reserved.ISCW-Mod5_L8 1 Implementing Secure Converged Wide Area Networks (ISCW)
Chapter 9 Managing a Cisco Internetwork Cisco Router Components Bootstrap - Brings up the router during initialization POST - Checks basic functionality;

Chapter 9 Managing a Cisco Internetwork Cisco Router Components Bootstrap - Brings up the router during initialization POST - Checks basic functionality;
© 2015 Mohamed Samir YouTube channel All rights reserved. www.mohamedsamir.comMohamed Samir CCNP-SWITCHING 300-115 Mohamed Samir YouTube channel Double.

© 2015 Mohamed Samir YouTube channel All rights reserved. Samir CCNP-SWITCHING Mohamed Samir YouTube channel Double.
1 © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networking Academy, U.S./Canada Equipping Today’s Instructors for Tomorrow’s.

1 © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networking Academy, U.S./Canada Equipping Today’s Instructors for Tomorrow’s.
© 2009 Cisco Systems, Inc. All rights reserved. SWITCH v1.0—7-1 Minimizing Service Loss and Data Theft Securing Network Services.

© 2009 Cisco Systems, Inc. All rights reserved. SWITCH v1.0—7-1 Minimizing Service Loss and Data Theft Securing Network Services.
Sybex CCNA 640-802 Chapter 7: Managing a Cisco Internetwork Instructor & Todd Lammle.

Sybex CCNA Chapter 7: Managing a Cisco Internetwork Instructor & Todd Lammle.
Router Hardening Nancy Grover, CISSP ISC2/ISSA Security Conference November 2004.

Router Hardening Nancy Grover, CISSP ISC2/ISSA Security Conference November 2004.
© Wiley Inc. 2006. All Rights Reserved. CCNA: Cisco Certified Network Associate Study Guide CHAPTER 9: Managing a Cisco Internetwork.

© Wiley Inc All Rights Reserved. CCNA: Cisco Certified Network Associate Study Guide CHAPTER 9: Managing a Cisco Internetwork.

Similar presentations

Ads by Google