How to configure SSH on a Cisco Router
We need configure SSH on a Cisco router or switch in order to access it remotely, unless we’re using an access server. Even then, SSH should be configured in case the access server fails.
Sometimes people get confused when it comes to telling how much memory the router has and which memory does what. There are 4 memory terms you should be familiar with, and 2 of these should be checked before upgrading the router’s IOS.
The Routing Information Protocol (RIP) is the most basic distance-vector routing protocol in use these days. It has been designed for small and local networks and because it’s configuration is very simple, it’s still commonly used. By default, RIP sends out it’s entire routing table every 30 seconds. While in small networks with few routes in the routing table this is not an issue and RIP can route efficiently; in larger networks with many routers and routes this routing update would cause unnecessary network traffic. You can read more about RIP in the document RFC 2453.
Having user accounts on a router makes life and logging much easier. We can assign different privilige levels to different users to restrict access to certain commands. You may want a junior admin to see a few things to help you troubleshoot but you don’t want him to be able to change anything. In the following example we are going to add 2 local user accounts, one with the default privilege level (0) and one with full privilege level (15).
In this example we will configure PPP authentication with an alternate method. We are going to instruct the router to send different credentials (other than it’s own hostname) to the other side. In contrast to the previous method, this works even if you change the routers name.
By configuring authentication on our serial interfaces, we can restrict access to our router. This is not just useful, but it is highly recommended to implement authentication and a high level of security on all devices whenever possible, especially the ones facing the Internet.
Serial interfaces are used to communicate with other local Cisco Routers or to establish a connection to the WAN through a CSU/DSU device. The required steps are almost identical to the configuration of any other interface’s with a few exceptions. When connecting two Cisco routers directly with a DCE/DTE cable, the router which has the DCE end of the cable connected to it has to be configured to dictate the clock rate. It is essential for proper communication.
After you have played a little with some basic commands on your Cisco router you probably want to take it to the next level and connect it to a network so the real fun can begin! Now to be able to TELENT into the router or even just PING it you have to configure at least one of the interfaces with an IP address. Preferably the one you want to plug the cable into…
One of the first things you want to configure on a router or a switch is the hostname. Although it is mainly important to us administrators -so we can identify our devices easier-, the hostname can be used to authenticate one router to another as well, but I’ll talk about that in another tutorial.