Presentation is loading. Please wait.

Presentation is loading. Please wait.

MM Clements Adding Value to IOS Configs. Introduction IOS configs need you to add information Basic IP and subnet mask Clock rates for serial links Routing.

Published byEileen Goodwin Modified over 9 years ago

Similar presentations

Presentation on theme: "MM Clements Adding Value to IOS Configs. Introduction IOS configs need you to add information Basic IP and subnet mask Clock rates for serial links Routing."— Presentation transcript:

1 MM Clements Adding Value to IOS Configs

2 Introduction IOS configs need you to add information Basic IP and subnet mask Clock rates for serial links Routing protocol statements Access control lists But…. There are added extras that will make a configuration better 2 ITCN

3 Comments in configuration files A config file can be confusing if you are asked to maintain or adjust an existing configuration Suppose you are asked to change the clock rate on the link to our Paris router Simple? Sure Let’s have a look….. 3 ITCN

4 Here’s the Config… interface Serial0/0 ip address 172.16.0.2 255.255.255.252 clock rate 64000 ! interface Serial0/1 ip address 172.16.0.13 255.255.255.252 clock rate 64000 ! interface Serial0/2 ip address 172.16.0.10 255.255.255.252 clock rate 64000 Which Serial interface links to Paris? 4 ITCN

5 What now? We need more information, so we can… Ask your supervisor? Phone Paris? Check documentation? Check with a colleague? Guess? 5 ITCN

6 Improving the config We could add a description in the config file This has no effect on the operation of the router It has a great effect on the human side of our operation It allows us to add some human-type data to the machine configuration 6 ITCN

7 How it is done… Medway#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Medway(config)#interface s0/0 Medway(config-if)#description Link to Paris Medway(config-if)#exit 7 ITCN

8 Appears as….. ! interface Serial0/0 description Link to Paris ip address 172.16.0.2 255.255.255.252 ! 8 ITCN

9 Much clearer with comments This has made repeat operations much easier This is not rocket science but adds a good measure of sense to our configuration 9 ITCN

10 Challenge number 2 You have been asked to change the subnet mask on the second floor LAN Easy? Of course Let’s have a look at the config file... ITCN 10

11 The config file interface FastEthernet0/0 ip address 192.168.1.1 255.255.255.224 duplex auto speed auto ! interface FastEthernet0/1 ip address 192.168.11.1 255.255.255.224 duplex auto speed auto ITCN 11 Which interface?

12 Can’t get on with the job yet because We need more information, so we can… Ask your supervisor? Phone the second floor? Check documentation? Check with a colleague? Guess? ITCN 12

13 The solution... Avery_Hill#conf t Enter configuration commands, one per line. End with CNTL/Z. Avery_Hill(config)#int fa0/0 Avery_Hill(config-if)#description Second Floor Office ITCN 13

14 Appears as interface FastEthernet0/0 description Second Floor Office ip address 192.168.1.1 255.255.255.224 duplex auto speed auto ! interface FastEthernet0/1 description First Floor Office ip address 192.168.11.1 255.255.255.224 duplex auto speed auto ITCN 14

15 Solved – now another You are asked to change the security in a network and need to adjust an Access Control List Jones’ is no longer allowed access to the Internet Let’s see the config first ITCN 15

16 Remarks Remarks about entries in an IP access list make the list easier to understand and scan. For example, it is not immediately clear what the purpose of the following entry is: access-list 1 permit 171.69.2.88 ITCN 16

17 Adding Remarks to ACLs It is much easier to read a remark about the entry to understand its effect, as follows: access-list 1 remark Permit only Jones workstation through access-list 1 permit 171.69.2.88 ITCN 17

18 Easing our work The remark made it easy to understand the purpose of the ACL statement Can add one comment per line access-list 1 remark comment top line access-list 1 permit host 192.168.1.10 access-list 1 remark comment next line access-list 1 deny host 192.168.1.144 ITCN 18

19 Other additions Encrypted enable password TELNET logins and passwords Always use ‘cisco’ or ‘class’ for passwording in exercises NEVER use these in a production network ITCN 19

20 Conclusion Comments make human lives easier It facilitates maintenance It increases accuracy Passwords increase security Messages allow us to see where we are logging into ITCN 20

21 References [1] http://www.cisco.com/en/US/docs/ios/12_0t/12_0t2/feature/guide/comment.html ITCN 21

Download ppt "MM Clements Adding Value to IOS Configs. Introduction IOS configs need you to add information Basic IP and subnet mask Clock rates for serial links Routing."

Similar presentations

Configuring a Router Harold Hernandez, MS, CCNI. 3.1 Configuring a Router Name a router Set passwords Examine show commands Configure a serial interface.

Configuring a Router Harold Hernandez, MS, CCNI. 3.1 Configuring a Router Name a router Set passwords Examine show commands Configure a serial interface.
Access Control List (ACL)

Access Control List (ACL)
 WAN uses Serial ports  Ethernet Ports:  Straight through  Cross over.

 WAN uses Serial ports  Ethernet Ports:  Straight through  Cross over.
CCNA2-1 Chapter 1 Introduction to Routing and Packet Forwarding CLI Configuration and Addressing.

CCNA2-1 Chapter 1 Introduction to Routing and Packet Forwarding CLI Configuration and Addressing.
Static Routing Exercise. What will the exercise involve?  Unix network interface configuration  Cisco network interface configuration  Static routes.

Static Routing Exercise. What will the exercise involve?  Unix network interface configuration  Cisco network interface configuration  Static routes.
Chapter 9: Access Control Lists

Chapter 9: Access Control Lists
Chapter 7 RIP Version 2 (RIPv2).

Chapter 7 RIP Version 2 (RIPv2).
© 2006 Cisco Systems, Inc. All rights reserved. ICND v2.3—4-1 Managing IP Traffic with ACLs Configuring IP ACLs.

© 2006 Cisco Systems, Inc. All rights reserved. ICND v2.3—4-1 Managing IP Traffic with ACLs Configuring IP ACLs.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Access Control Lists Accessing the WAN – Chapter 5.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Access Control Lists Accessing the WAN – Chapter 5.
NESCOT CATC1 Access Control Lists CCNA 2 v3 – Module 11.

NESCOT CATC1 Access Control Lists CCNA 2 v3 – Module 11.
WXES2106 Network Technology Semester 1 2004/2005 Chapter 10 Access Control Lists CCNA2: Module 11.

WXES2106 Network Technology Semester /2005 Chapter 10 Access Control Lists CCNA2: Module 11.
Standard, Extended and Named ACL.  In this lesson, you will learn: ◦ Purpose of ACLs  Its application to an enterprise network ◦ How ACLs are used to.

Standard, Extended and Named ACL.  In this lesson, you will learn: ◦ Purpose of ACLs  Its application to an enterprise network ◦ How ACLs are used to.
Introduction to the Cisco IOS

Introduction to the Cisco IOS
Implementing Standard and Extended Access Control List (ACL) in Cisco Routers.

Implementing Standard and Extended Access Control List (ACL) in Cisco Routers.
CCNA2 Routing Perrine modified by Brierley Page 18/6/2015 Module 11 Access Control 172.16.3.0172.16.4.0 Non-172.16.0.0 e0e1 s0 172.16.4.13 server.

CCNA2 Routing Perrine modified by Brierley Page 18/6/2015 Module 11 Access Control Non e0e1 s server.
1 Semester 2 Module 11 Access Control Lists (ACLs) Yuda college of business James Chen

1 Semester 2 Module 11 Access Control Lists (ACLs) Yuda college of business James Chen
Static Routing Last Update 2011.05.15 1.3.0 1Copyright 2008-2011 Kenneth M. Chipps Ph.D. www.chipps.com.

Static Routing Last Update Copyright Kenneth M. Chipps Ph.D.
The Cisco ACL. 1.The Cisco ACL is simply a means to filter traffic that crosses your router. 2.It has two major syntax types numbered and named lists.

The Cisco ACL. 1.The Cisco ACL is simply a means to filter traffic that crosses your router. 2.It has two major syntax types numbered and named lists.
CISCO NETWORKING ACADEMY Chabot College ELEC 99.08 Access Control Lists - Introduction.

CISCO NETWORKING ACADEMY Chabot College ELEC Access Control Lists - Introduction.
NMS Labs Mikko Suomi LAB1 Choose SNMP device managment software Features: –Gives Nice overview of network –Bandwith monitoring –Multible.

NMS Labs Mikko Suomi LAB1 Choose SNMP device managment software Features: –Gives Nice overview of network –Bandwith monitoring –Multible.

Similar presentations

Ads by Google