router - pt 5
Home | Pt 1 | Pt 2 | Pt 3 | Pt 4 | Pt 5 | Pt 6 | Chall1 | Chall2 | Chall3 | Chall4Demo | 5-r | Test 

[PDF Tutorial][New Emulators Demo][Purchase]

Authentication, authorization and accounting (AAA). The main elements of security are AAA. These allows for enhanced security for who is allowed to log into a network, and what they are allowed to do, and logs the things that they have done. Typically this security is applied at the edge of a network, using a nework access server (NAS). This server contains a database of users and their associated passwords, and any other configuration. On routers there are three main security protocols: TACACS+, RADIUS and Kerberos. On a router, AAA is enabled with:

1

Go into the privileged mode by typing enable.

2

Configure the device using by typing config t.

3

Then:

(config)# aaa new-model

4

For TACACS+, the IP address of the TACACS+ server is specified with:

(config)# tacacs-server host 192.168.0.10

5

Next the encryption key is specified with:

(config)# tacacs-server key mypass

6

For RADIUS, the IP address of the RADIUS server is specified with:

(config)# radius-server host 192.168.0.10

7

Next the encryption key is specified with:

(config)# radius-server key mypass

8

Go back to the user executive mode with the command exit

9

Show the main system configuration with show running-config.

OSPF and EIGRP. EIGRP is an enhanced version of IGRP, and OSPF is typically used to determine routes on exterior routes. To setup them up:

1

Go into the privileged mode by typing enable.

2

Configure the device using by typing config t.

3

Then:

(config)# router eigrp 100
(config-router)# network 10.1.1.0
(config-router)# network 192.10.20.0
(config-router)# exit

4

Or for OSPF

(config)# router ospf 100
(config-router)# network 10.1.1.0
(config-router)# network 192.10.20.0
(config-router)# exit

8

Go back to the user executive mode with the command exit

9

Show the main system configuration with show running-config.

Clearing information and interfaces. The clear command can be used to reset system settings.

1

Go into the privileged mode by typing enable.

2

Then:

# clear ?
# clear interface ?


3

To reset all of the interfaces:

# clear interface e0
# clear interface s0
# clear interface s1


4

To clear the ARP cache:

# clear arp-cache

6

To clear the IP information:

# clear ip ?

Debug information. The debug command can be used to investigate the operation of the router.

1

Go into the privileged mode by typing enable.

2

Then:

# debug ?


3

For example to display the options to debug IP:

# debug ip ?



4

and to debug RIP:

# debug ip rip

5

To show debug information

# show debug

5

To reset a debug, use undebug:

# undebug ip rip

Viewing files. The main commands to view files are dir (to list a directory), pwd (to show the current directory), cd (change directory), copy (copy a file), erase (erase a file), and delete (delete a file).

1

Go into the privileged mode by typing enable.

2

Then:

# dir
# pwd


Testing. The system can be tested using the test command.

1

Go into the privileged mode by typing enable.

2

Then to test the LEDs:

# test leds


3

To test the default boot parameters:

# test ifs defaults


ENABLING AND DISABLING CDP. CDP (Cisco Discovery Protocol) allows ports to discover the parameters of their neighhours. It is

1

Go into interface mode for E0.

2

To enable the CDP command the command used is cdp enable (it is enabled by default). To disable it, use the command no cdp enable.

3

Go back to the Exec mode, and show that the no cdp enable statement has been added to E0.

4

The parameters used for CDP are shown with show cdp.

5

Show the CDP status on each port with show cdp interface.

6

Show the CDP traffic is show cdp traffic.

7

Show the CDP information of switch's neighbours with show cdp neighbors.

8

For general CDP configuration, go to Config Exec mode and use cdp ?.

9

Use the cdp holdtime 20 command to set the hold timer to 20.

10

Use the cdp timer 30 command to set the timer to 30.

11

Show the running-configuration to check that the commands have been added.

Appletalk. Appletalk is used by Apple computers.

1

Go into the privileged mode by typing enable.

2

To view the options for Appletalk

# show appletalk ?


[Part 6]

If you would like to register the router emulator, or obtain the full version, please complete the following:

Purchase emulator