UNIX System Administration Handbook - Evi Nemeth [222]
You’ll be prompted for the user-level access password:
% telnet xor-gw.xor.com
Connected to xor-gw.xor.com.
Escape character is '^]'.
User Access Verification
Password:
Upon entering the correct password, you will receive a prompt from Cisco’s EXEC command interpreter:
xor-gw.xor.com>
At this prompt, you can enter commands such as show interfaces to see the router’s network interfaces or show ? to get help about the other things you can see.
To enter privileged mode, type enable and enter the privileged password when it is requested. Once you have reached the privileged level, your prompt will end in a #:
xor-gw.xor.com#
BE CAREFUL—you can do anything from this prompt, including erasing the router’s configuration information and its operating system. When in doubt, consult Cisco’s manuals or one of the comprehensive books published by Cisco Press.
You can type show running to see the current running configuration of the router and show config to see the current nonvolatile configuration. Most of the time, these are the same. Here’s a typical configuration:
xor-gw.xor.com# show running
Current configuration:
version 12.0
hostname xor-gw
enable secret xxxxxxxx
ip subnet-zero
interface Ethernet0
 description XOR internal network
 ip address 192.108.21.254 255.255.255.0
 no ip directed-broadcast
interface Ethernet1
 description XOR backbone network
 ip address 192.225.33.254 255.255.255.0
 no ip directed-broadcast
ip classless
line con 0
 transport input none
line aux 0
 transport input telnet
line vty 0 4
 password xxxxxxxx
 login
end
The router configuration can be modified in a variety of ways. Cisco offers graphical tools that run under some versions of UNIX and NT. Real network administrators never use these; the command prompt is always the “sure bet.” It is also possible to tftp a config file to or from a router so that you can edit it in your favorite editor.11
To modify the configuration from the command prompt, type config term:
xor-gw.xor.com# config term
Enter configuration commands, one per line. End with CNTL/Z.
xor-gw(config)#
You can then type new configuration commands exactly as you want them to appear in the show running output. For example, if we wanted to change the IP address of the Ethernet0 interface in the example above, we could enter
interface Ethernet0
ip address 192.225.40.253 255.255.255.0
When you’ve finished entering configuration commands, press
Here are some tips for a successful Cisco router experience:
• Name the router with the hostname command. This precaution helps to prevent accidents caused by changing the configuration on the wrong router. The hostname will always appear in the command prompt.
• Always keep a backup router configuration on hand. You can write a short expect script that tftps the running configuration over to a UNIX box every night for safekeeping.
• Control access to the router command line by putting access lists on the router’s VTYs (VTYs are like PTYs on a UNIX box). This precaution prevents unwanted parties from trying to break into your router.
• Control the traffic flowing among your networks (and possibly to the outside world) with access lists on each interface. See How services are filtered on page 675 for more information about how to set up access lists.
• Keep routers physically secure. It’s easy to reset the privileged password if you have physical access to a Cisco box.
2. Interface names such as le0 will vary, depending on your exact OS and hardware platform.
3. Actually, it is not quite this simple, since there are provisions for handling changes in topology that may lengthen existing routes. Some DV protocols such as EIGRP maintain information about multiple possible
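The router tips above (hostname, access lists on the VTYs, access lists on each interface) can be checked mechanically against the nightly backup copy of the configuration. The Python script below is an added example, not code from the handbook; the function names are hypothetical, and it assumes the saved file keeps the one-space indentation that IOS gives sub-commands.

```python
# Abridged copy of the configuration listed above on this page, with the
# one-space indentation that IOS gives sub-commands restored (assumption).
SAMPLE_CONFIG = """\
hostname xor-gw
interface Ethernet0
 ip address 192.108.21.254 255.255.255.0
 no ip directed-broadcast
interface Ethernet1
 ip address 192.225.33.254 255.255.255.0
 no ip directed-broadcast
line con 0
 transport input none
line aux 0
 transport input telnet
line vty 0 4
 password xxxxxxxx
 login
end
"""

def sections(config):
    """Map each top-level command to the sub-commands indented under it."""
    blocks, current = {}, None
    for raw in config.splitlines():
        if not raw.strip() or raw.startswith("!"):
            continue  # skip blank lines and IOS "!" separators
        if raw[0] == " " and current is not None:
            blocks[current].append(raw.strip())
        else:
            current = raw.strip()
            blocks[current] = []
    return blocks

def audit(config):
    """Check a saved config against the tips: hostname, VTY and interface ACLs."""
    blocks, findings = sections(config), []
    if not any(head.startswith("hostname ") for head in blocks):
        findings.append("no hostname set")
    for head, body in blocks.items():
        if head.startswith("line vty") and not any(
                c.startswith("access-class ") and c.endswith(" in") for c in body):
            findings.append(head + ": no inbound access-class")
        if head.startswith("interface ") and not any(
                c.startswith("ip access-group ") for c in body):
            findings.append(head + ": no ip access-group")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_CONFIG)) or "no findings")
```

Adding access-class 10 in under line vty 0 4 (10 is an example list number, with a matching access-list defined) clears the VTY finding.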