Administrative Configurations

Even though the following sections are not critical to make a router or switch work on a network, they are still really important. Lets g through configuration specific commands that are particularly helpfull when administrating your network. You can configure the following administrative functions on a router and switch:

  • Hostnames
    We use hostname command to set the identity of the router. Hostname are locally significant and it does not effect how the router perform on internetwork, but is still important because it is often used for authentication purpose in many WANs.
    router# Config t
    router#hostname practonet
    practonet#
  • Banners
    The reason for having banner is to give any and all who attempt to Telnet or sneak into your network a little security notice and are good because you can create and modify. There are 3 types of banner. MOTD, Login banner and Exec banner.
    - MOTD
    Message fo the day (MOTD) banner are mostly used banner because they give a message to anyone connecting to the router via Telnet or and aux port even through a console port.
    router(config)#banner motd * If you are not authorized to be in practonet network, you must disconnect immediately *
    router#exit
    The simple syntex for MOTD banner is router# banner motd *(special character) ----(Message)---- *(Same special character ends line)
    -EXEC Banner
    You can configure a line-activation (exec) banner to be displayed when EXEC processes such as a line activation or an incoming connection to a VTY line have been created. Simply initiating a user exec session through a console port will activate the exec banner.
    -Login Banner
    You can configure a login banner for display on all connected terminals. It will show up after the MOTD banner but before the login prompts. This login banner can’t be disabled on a per-line basis, so to globally disable it you’ve got to delete it with the no banner login command.
  • Passwords
    There are five passwords to secure your Cisco routers: console, auxiliary, telnet (VTY), enable password, and enable secret. The enable secret and enable password are the ones used to set the password for securing privileged mode. Once the enable commands are set, users will be prompted for a password. The other three are used to configure a password when user mode is accessed through the console port, through the auxiliary port, or via Telnet.
    - Enable Passwords
    This sets the enable password on older, pre-10.3 systems, and isn’t ever used if an enable secret is set.You set the enable passwords from global configuration mode like this:
    router(config)#enable password practonet
    - Enable Secret Passwords
    secret - The newer, encrypted password that overrides the enable password if it has been set. You set the enable passwords from global configuration mode like this:
    router(config)#enable secret practonet
    - Telnet Passwords
    To set the user-mode password for Telnet access into the router or switch, use the line vty command. IOS switches typically have 16 lines, but routers running the Enterprise edition have considerably more.
    router(config)#line vty 0 15
    router(config-line)#password telnet
    router(config-line)#login

    * here telnet is the password
    - Auxiliary Password
    To configure the auxiliary password on a router, go into global configuration mode.
    router(config)#line aux 0
    router(config-line)#password aux router(config-line)#login

    * here aux is the password
  • Interface description
    Setting descriptions on an interface is another administratively helpful thing, and like the hostname, it’s also only locally significant. One case where the description command comes in really handy is when you want to keep track of circuit numbers on a switch or a router’s serial WAN port.
    Here’s an example on switch:
    practonet#config t
    practonet(config)#int fa0/1
    practonet(config-if)#description Sales VLAN Trunk Link
    practonet(config-if)#^Z
    practonet#
    And on a router serial WAN:
    practonet#config t
    Router(config)#int s0/0/0
    Router(config-if)#description WAN to Miami
    Router(config-if)#^Z
    You can view an interface’s description with either the show running-config command or the show interface—even with the show interface description command:
    practonet#sh run
    Building configuration...
    Current configuration : 855 bytes
    !
    interface FastEthernet0/1
    description Sales VLAN Trunk Link
    !
    .
    .
    .
    practonet#sh int f0/1
    FastEthernet0/1 is up, line protocol is up (connected)
    Hardware is Fast Ethernet, address is ecc8.8202.8282 (bia ecc8.8202.8282)
    Description: Sales VLAN Trunk Link
    MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,
    .
    .
    .
    practonet#sh int description
    practonet