Thursday, January 26, 2012

Running Red Lights

This road's starting to feel like a drag race. I've spent at least 16 hours of the past two days watching videos and studying content. It's been a blast configuring my Cisco 2811 router, using its switchports, and going through basic switch security and optimization. So far I've set up my router (with a 16-switchport add-on card) with some simple security and console/telnet/ssh access, played around with a few settings here and there, and gotten myself used to the IOS commands. It's pretty neat knowing that you can type a ? just about anywhere and get a list of what you can do; being able to hit tab to complete a command is nice too.

I will be keeping somewhat of a journal of new commands that I use. Anything in Italics is for my reference or could contain something useful for you if you're just starting out! Just a quick glimpse at some of the things I've gotten a chance to go over:


Basic Setup for a Switch/Router
en - Short for enable. Puts you in privileged exec mode. Would prompt for a password if you had one set up on your router
conf t - Short for configure terminal. Basically puts you in config mode from privileged exec mode.
hostname xxxx - Simple enough, sets the hostname of the router. This is effective in your console session, for example Router> will become Hostname>
int vlan 1 - Selects the interface, in this case it's the vlan1 interface. Other times it can be a fast ethernet port, serial port, etc.
ip addr 172.30.2.180 255.255.255.0
no shutdown - I had trouble remembering to do this, being the GUI-spoiled tech that I am
exit
ip default-gateway 172.30.2.1 - Sets your default gateway.
(ctrl + z) - Keyboard shortcut to back out
copy running-config startup-config - Saves the changes you've made to NVRAM
Great! We've got a router set up with an IP address. We're in business. Except for the fact that it's totally insecure and open for just about anyone to make their way into. That's where this comes into play...

Configure Switch Security
en
conf t
enable password cisco - Sets the plaintext password for the router. Usually a no-no. Stick with enable secret
enable secret cisco1 - Stored as a hash, so the password itself doesn't show up in "show run"
no enable password - Disables the clear-text enable password
exit

Setting the Console Password

en
conf t
line console 0
password cisco
login (requires login prompt)

Setting the telnet password

en
conf t
line vty 0 4
password cisco

Protect Running-Config Passwords

en
conf t
service password-encryption

Set Message of the Day

banner motd [
Unauthorized access is prohibited
]

Configuring SSH

en
conf t
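username test password cisco - Creates a local user; the username and password go on one line
ip domain-name cisco.com
crypto key generate rsa
1024 - Answer to the key modulus size prompt
ip ssh version 2
line vty 0 4
transport input ssh - SSH only
transport input telnet ssh - Alternative: allows both telnet and SSH. Each transport input command replaces the previous one, so entering both lines leaves telnet enabled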
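
An added example, not from the original post: a small Python audit that checks a saved running-config for the weak settings this journal touches (a leftover enable password, clear-text passwords, telnet left enabled on the vty lines). The two configs are constructed samples, and the `audit` function and its finding names are hypothetical.

```python
import re

# Constructed samples (not captured from a device): roughly what "show run"
# holds after the commands above are typed as listed, and after cleanup.
AS_TYPED = """\
enable secret 5 $1$CONSTRUCTED$placeholderhash
enable password cisco
username test password 0 cisco
line con 0
 password cisco
line vty 0 4
 password cisco
 transport input telnet ssh
"""
HARDENED = """\
service password-encryption
enable secret 5 $1$CONSTRUCTED$placeholderhash
username test password 7 CONSTRUCTED7
line con 0
 password 7 CONSTRUCTED7
line vty 0 4
 password 7 CONSTRUCTED7
 transport input ssh
"""
PASSWORD_RE = re.compile(r"^(enable |username \S+ )?password (?:(\d+) )?\S+$")

def audit(config):
    """Return sorted (section, finding) pairs for weak settings in an IOS config."""
    findings = set()
    section = "global"
    for raw in config.splitlines():
        line = raw.strip()
        if not raw.startswith(" "):  # unindented line starts a new section
            section = line if line.startswith("line ") else "global"
        m = PASSWORD_RE.match(line)
        if m and m.group(1) == "enable ":
            findings.add((section, "enable password present"))
        if m and m.group(2) in (None, "0"):  # no type or type 0 = clear text
            findings.add((section, "clear-text password"))
        if line.startswith("transport input ") and {"telnet", "all"} & set(line.split()[2:]):
            findings.add((section, "telnet allowed"))
    if not re.search(r"^enable secret ", config, re.M):
        findings.add(("global", "no enable secret"))
    if not re.search(r"^service password-encryption$", config, re.M):
        findings.add(("global", "service password-encryption off"))
    return sorted(findings)

if __name__ == "__main__":
    for name, cfg in (("as typed", AS_TYPED), ("hardened", HARDENED)):
        print(name, audit(cfg))
```

The type 7 strings that service password-encryption writes are reversible obfuscation, so even a config that comes back clean here should be handled as a secret.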

Configuring Port Security

en
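show ip int brief
terminal monitor
show mac address-table - (show mac-address-table on older IOS)
conf t
int fa 0/5
switchport mode access
switchport port-security - Turns port security on for the port; the settings below do nothing without it
switchport port-security maximum <number> - Maximum number of MAC addresses allowed on the port
switchport port-security violation shutdown
switchport port-security mac-address xxxx.xxxx.xxxx
(ctrl + z)
show port-security interface fa 0/5
copy running-config startup-config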

-504Steve
