Category: Cisco

Cisco – Building a Host Table on a Router or Switch

In this example there is a router with a hostname of “router-2″ that has a serial interface configured with the Internet Protocol (IP) address of 172.16.4.2. Without an entry in the host table of the router or a Domain Name System (DNS) server I cannot use the hostname of the router in order to ping or telnet to the device.

router-1#ping router-2
Translating “router-2″
% Unrecognized host or address, or protocol not running.

router-1#telnet router-2
Translating “router-2″
% Unknown command or computer name, or unable to find computer address

To create a host table entry that provides name resolution for “router-2″ that points to IP address 172.16.4.2 I use the following commands.

router-1#config t
Enter configuration commands, one per line. End with CNTL/Z.
router-1(config)#ip host router-2 23 172.16.4.2
router-1(config)#^Z

The above command “ip host” is provided the name of the device (router-2), default telnet port (23) and the IP address of the router. I may then check this entry using the “show hosts” command.

router-1#show hosts
Default domain is not set
Name/address lookup uses static mappings

Host Flags Age Type Address(es)
router-2 (perm, OK) 0 IP 172.16.4.2

Additionally, I may test the entry by pinging and telnetting to the router using the hostname provided in the host table.

router-1#ping router-2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echoes to 172.16.4.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms
router-1#telnet router-2
Trying router-2 (172.16.4.2)… Open
User Access Verification

Password:

Enjoy!


Cisco – Configuring Static Routes

You may use the following method to add a static route to the routing table of a Cisco router.

Before configuring the static route(s) you may run the following commands in order to get a better idea of the network(s) configured on the existing router.

router-1#show ip route
Codes: C – connected, S – static, I – IGRP, R – RIP, M – mobile, B – BGP
D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF inter area
E1 – OSPF external type 1, E2 – OSPF external type 2, E – EGP
i – IS-IS, L1 – IS-IS level-1, L2 – IS-IS level-2, * – candidate default
U – per-user static route

Gateway of last resort is not set

172.16.0.0/24 is subnetted, 2 subnets
C 172.16.4.0 is directly connected, Serial0
C 172.16.3.0 is directly connected, Ethernet0

router-1#show cdp entry * protocol
Protocol information for router-2 :
IP address: 172.16.4.2

The “show ip route” command provides us with the directly connected routes/networks. Additionally, the “show cdp entry * protocol” command provides the Internet Protocol (IP) address of a directly connected router (172.16.4.2) which we will use to complete the static routing entry. Before creating the static routing entry use the “ping” command to be certain you can reach the next hop router.

router-1#ping 172.16.4.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echoes to 172.16.4.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms

Now, we may begin creating the static routing entry.

router-1#config t
Enter configuration commands, one per line. End with CNTL/Z.
router-1(config)#ip route 172.16.5.0 255.255.255.0 172.16.4.2 permanent
router-1(config)#^Z

The “ip route” tells the router it is a static entry, 172.16.5.0 is the network to be reached, 255.255.255.0 is the subnet mask of the 172.16.5.0 network, the IP address of 172.16.4.2 is the address of the router that will accept and forward the packet (router-2) and the “permanent” tells the router to keep the entry in the routing table even if the network can’t be reached (such as the interface of the 172.16.5.0/24 network being down).

Next, you may use the “show ip route” command to verify the route in the routing table.

router-1#show ip route
Codes: C – connected, S – static, I – IGRP, R – RIP, M – mobile, B – BGP
D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF inter area
E1 – OSPF external type 1, E2 – OSPF external type 2, E – EGP
i – IS-IS, L1 – IS-IS level-1, L2 – IS-IS level-2, * – candidate default
U – per-user static route

Gateway of last resort is not set

172.16.0.0/24 is subnetted, 3 subnets
C 172.16.4.0 is directly connected, Serial0
S 172.16.5.0 [1/0] via 172.16.4.2
C 172.16.3.0 is directly connected, Ethernet0

As you can see from the output above the 172.16.5.0/24 is in the routing table. Now, you may ping the gateway of the network, in this example it is 172.16.5.1, to verify network connectivity.

router-1#ping 172.16.5.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echoes to 172.16.5.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms

Enjoy!


Cisco – Troubleshooting Static Routes

The following example is utilizing two Cisco 2500 series routers with two serial interfaces and two ethernet interfaces. I created a lab Wide Area Network (WAN) in order to configure static routes on Cisco routers. My goal was to create a static route from the ethernet interface (172.16.3.1) on router-1 to reach the ethernet interface (172.16.5.1) on router-2. After creating the static route on the router-1 ethernet interface (172.16.3.0/24) to reach the 172.16.5.0/24 network on the ethernet interface of router-2 I was still unable to ping the 172.16.5.0/24 network from the 172.16.3.0/24 network. I then began troubleshooting.

My first thought was that the network cable could be the cause due to the fact that I had not used it prior. After switching the network cable in question with a known good cable and receiving the same results I was able to rule out the network cable as the cause of the issue.

My next suspicion was that the ethernet interface on router-2 was possibly dead. I knew this was not the case after viewing the results of the “show ip interface brief” command and seeing the interface was up/up.

router-2#show ip interface brief
Interface IP-Address OK? Method Status Protocol
Ethernet0 172.16.5.1 YES NVRAM up up
Serial0 172.16.4.2 YES NVRAM up up
Serial1 unassigned YES unset administratively down down

My next step in troubleshooting was to view the static route entry I previously created from the 172.16.3.0/24 network to the 172.16.5.0/24 network using the “show running-config” command. I did not use the “show ip route” command because the static route entry would not have shown itself in the routing table due to the fact that the two networks were not communicating (only networks that communicate show up in the routing table). Upon inspecting the static routing entry I realized I made a mistake in the command syntax and created a new static route entry from the 172.16.3.0/24 network on router-1 to the 172.16.5.0/24 network on router-2. Please keep in mind that the two prior networks are configured on the ethernet interfaces of the router and are separated by the WAN (172.16.4.0/24) on the serial0 interfaces of the routers. The new static entry looks like this.

router-1#config t
Enter configuration commands, one per line. End with CNTL/Z.
router-1(config)#ip route 172.16.5.0 255.255.255.0 172.16.4.2 permanent
router-1(config)#^Z

I then verified the route in the routing table.

router-1#show ip route
Codes: C – connected, S – static, I – IGRP, R – RIP, M – mobile, B – BGP
D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF inter area
E1 – OSPF external type 1, E2 – OSPF external type 2, E – EGP
i – IS-IS, L1 – IS-IS level-1, L2 – IS-IS level-2, * – candidate default
U – per-user static route

Gateway of last resort is not set

172.16.0.0/24 is subnetted, 3 subnets
C 172.16.4.0 is directly connected, Serial0
S 172.16.5.0 [1/0] via 172.16.4.2
C 172.16.3.0 is directly connected, Ethernet0

I tested the entry using the “ping” command from router-1.

router-1#ping 172.16.5.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echoes to 172.16.5.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms
router-1#ping 172.16.5.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echoes to 172.16.5.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms

The Internet Protocol (IP) address of 172.16.5.1 is the default gateway of the 172.16.5.0/24 network and the IP address of 172.16.5.2 is the host on the network. As you can see from the output above this static route entry was entered correctly and is functioning properly.

Enjoy!


Cisco – Performing a Password Reset on a Cisco Router

If you ever find yourself locked out of a Cisco router because you forgot the enable secret (privileged mode) password you may use the following steps to perform a password recovery on the Cisco device. The router in this example is 1700 series Cisco router.

1. Press ctrl+break during the boot sequence and enter ROM monitor mode.

monitor: command “boot” aborted due to user interrupt
rommon 1 >

2. Change the configuration register value to 2142 (0×2142).

rommon 1 > confreg 0×2142

You must reset or power cycle for new config to take effect

3. Reload the router using the ‘reset’ command.

rommon 2 > reset

4. Respond with a ‘no’ when prompted to enter setup mode.

— System Configuration Dialog —

Would you like to enter the initial configuration dialog? [yes/no]: no

5. Type ‘enable’ to enter privileged mode.

Router>enable

6. Copy the startup-config file into the running-config file.

Router#copy startup-config running-config
Destination filename [running-config]?

1154 bytes copied in 0.892 secs (1294 bytes/sec)

7. Configure the enable secret password (in this example I set the enable secret password to ‘cisco’).

router-1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
router-1(config)#enable secret cisco

8. Change the configuration register back to the default value of 2102 (0×2102).

router-1(config)#config-register 0×2102

9. Copy the running-config file into the startup-config file.

router-1#copy running-config startup-config
Destination filename [startup-config]?
Building configuration…
[OK]

10. Reload the router (optional).

router-1#reload
Proceed with reload? [confirm]

Once the router reloads all you have to do is login to user mode then use your new privileged mode password (the example above used ‘cisco’).

Enjoy!


Cisco – Configuring a Wide Area Network (WAN) and Telnet

You may use the following commands to configure a Wide Area Network (WAN) between two Cisco routers in a lab environment. The routers in this example are Cisco 2501 routers. Also, I will print the output from the “router-1″ router and you may mirror these configurations on the “router-2″ router (I will note any exceptions below).

This network will consist of two routers. The Internet Protocol (IP) address of “router-1″ will be 172.16.4.100/24 and the IP address of router-2 will be 172.16.4.101/24. This IP addressing assignment puts these routers on the same network so that they may communicate as a Wide Area Network (WAN) link.

1. Configure the interfaces.

===START===

router-1#config t
Enter configuration commands, one per line. End with CNTL/Z.
router-1(config)#interface serial 0
router-1(config-if)#ip address 172.16.4.100 255.255.255.0
router-1(config-if)#clock rate 4000000
router-1(config-if)#description Wide Area Network (WAN) Link – DCE
router-1(config-if)#no shutdown

===END===

Notice that this is interface “Serial 0″ on the router. Additionally, I have given the interface a description and I have used the “clock rate” command as this interface will provide the clocking for this WAN (using the back-to-back serial cable).

2. Configure the telnet password on each router.

===START===

router-1#config t
Enter configuration commands, one per line. End with CNTL/Z.
router-1(config)#line vty 0
router-1(config-line)#password abc123
router-1(config-line)#login

===END===

In the above example I chose a very simple password “abc123″ because this is a lab environment.

3. Connect the back-to-back serial cable to the routers. You will plug the date communication equipment (DCE) end of the cable into the router that will be providing the clocking for this network (router-1 in this example) and plugging the date terminal equipment (DTE) end of the cable into the router that will be receiving the clock in this network (router-2 in this example).

In a non-production environment (such as the one in this example) I must use a back-to-back serial cable and use the “clock rate” command on the DCE side of the cable or the network will not function.

Now that all of the configurations have been provided on “router-1″ you may mirror these configurations on “router-2″. The difference would be that interface Serial 0 on “router-2″ would have an IP address of 172.16.4.101, you would not use the “clock rate” command on this router and optionally you may change the description to the following “Wide Area Network (WAN) Link – DTE”.

At this point we can test the IP connectivity between the routers by using the PING command as well as using the Telnet function.

router-1#ping 172.16.4.101

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echoes to 172.16.4.101, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms
router-1#telnet 172.16.4.101
Trying 172.16.4.101 … Open
User Access Verification

Password:
router-2>

From the above output we see that we can PING and Telnet to router-2 successfully so this wide area network link is functioning correctly.


Cisco – Configure a Description on a Cisco Interface

You may use the following commands to configure a description on a Cisco router or switch. Please note that this will not affect the performance of the router or switch but I recommend doing this for easier administration.

===BEFORE===

router-1#show running-config interface FastEthernet0
Building configuration…

Current configuration : 68 bytes
!
interface FastEthernet0
no ip address
shutdown
speed auto
end

===CONFIGURING THE DESCRIPTION===

router-1#config t
Enter configuration commands, one per line. End with CNTL/Z.
router-1(config)#interface FastEthernet0
router-1(config-if)#description Local Area Network (LAN) Link – 1
router-1(config-if)#^Z

===AFTER===

router-1#show running-config interface FastEthernet0
Building configuration…

Current configuration : 115 bytes
!
interface FastEthernet0
description Local Area Network (LAN) Link – 1
no ip address
shutdown
speed auto
end

===SAVE THE CONFIGURATION===

router-1#copy running-config startup-config
Destination filename [startup-config]?
Building configuration…
[OK]

I understand that this is a basic task so please stay tuned for more advanced configurations in the future.


Cisco – Configuring a Dynamic Host Configuration Protocol (DHCP) Server

You may use the following commands to configure a DHCP server on a Cisco router. The router in this example is a non-ISR 1720 Cisco router being run on Graphic Network Simulator 3 (GNS3). This configuration will name the pool of Internet Protocol (IP) addresses as Marketing, assign an IP address, subnet mask, default gateway, Domain Name System (DNS) server, DHCP lease and excluded IP addresses 172.16.2.1-172.16.2.99.

router-1#config t
Enter configuration commands, one per line. End with CNTL/Z.
router-1(config)#ip dhcp pool Marketing
router-1(dhcp-config)#network 172.16.2.0 255.255.0.0
router-1(dhcp-config)#default-router 172.16.1.1
router-1(dhcp-config)#dns-server 172.16.3.1
router-1(dhcp-config)#lease 8 0 0
router-1(dhcp-config)#exit
router-1(config)#
router-1(config)#ip dhcp excluded-address 172.16.2.1 172.16.2.99
router-1(config)#

You can see that I started in privileged mode and moved the command prompt to global configuration mode to configure the DHCP settings. I named the pool “Marketing” for this example. Additionally, the “default-router” setting is the IP address of the router’s interface that the hosts will connect to. Lastly, the lease command is configured in days, hours then minutes (so the configured lease is for exactly eight days).

I hope this post proves helpful to you!


Cisco – Router and Switch Modes

You may use the following commands to change the information stored in the dynamic RAM (running-config) or NVRAM (startup-config) on a Cisco router or switch.

To make changes to the configuration running in dynamic RAM (running-config file) you may use the following commands. In particular, the “configure terminal” command (or “config t” for short) is used to make changes to the running-config which is the configuration currently stored in the DRAM of the Cisco device.

router-1>enable
router-1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
router-1(config)#

To make changes to NVRAM (the startup-config file) you may use the following commands. In particular, the “configure memory” command (or “config mem” for short) is used to make changes to the startup-config file. The startup-config file is the file that contains the router or switch default configuration after boot.

router-1>enable
router-1#configure memory

R2#

As you can see, when I entered the “configure memory” command the hostname of the router changed. This is due to the fact that I originally changed the hostname of the router to “router-1″ but did not save the information in DRAM (running-config) into NVRAM (startup-config).

As always, if you make a change to the running-config you must save it to the startup-config or any configuration changes will be lost after your next reboot of the router or switch. The commands to save the running-config into the startup-config are the following, “copy running-config startup-config”, “copy run start” or “write mem”.

Enjoy!


Cisco – Configuring a Router or Switch Hostname

You may use the following commands to configure the hostname on a Cisco router or switch. Changing the hostname will not affect the performance of the router or switch but it will help you identify the particular device you are connected to. Also, this is a non-ISR 1700 series router run on the Graphical Network Simulator 3 (GNS3) platform.

R1>enable
R1#config t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#hostname Florida
Florida(config)#hostname Orlando
Orlando(config)#hostname Miami
Miami(config)#hostname Tampa
Tampa(config)#

Again, changing the hostname will not improve or degrade the performance of the hardware device but I believe it is a good network administration practice.