Cisco IOS

Disabling Router Lines Problem You want to disable your router's AUX port to help prevent unauthorized access. Solution To completely disable access via the router's AUX port, use the following set of commands: Router1#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router1(config)#line ... [full story]

Reserving a VTY Port for Administrative Access Problem You want to prevent all of your VTY lines from being used up, effectively locking you out of the router. Solution You can ensure that at least one VTY port is available to you for access ... [full story]

Restricting Inbound Telnet Access Problem You want to restrict Telnet access to the router to allow only particular workstations. Solution You can restrict which IP addresses can access the router as follows: Router1#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router1(config)#access-list ... [full story]

Logging Telnet Access Problem You want to log every Telnet session to the router. Solution To log every Telnet session to the router, use the followings set of commands: Router1#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router1(config)#access-list 90 permit any log Router1(config)#line ... [full story]

Setting the Source Address for Telnet Problem You want to force your router to use a particular IP source address when making outbound Telnet connections. Solution To configure a single common IP source address for all outbound Telnet session, use the following configuration command: Router1#configure ... [full story]

Automating the Login Sequence Problem You want to automate the process of logging into a router, typing usernames, passwords, and so forth. Solution The following script automates the process of logging into the router using a scripting language called Expect. Expect is a powerful ... [full story]

Using SSH for Secure Access Problem You want to use SSH for secure encrypted remote access to your router. Solution You can configure your router to run an SSH Version 1 server for VTY access: Router1#configure terminal Enter configuration commands, one per line. End ... [full story]

Changing Privilege Level of IOS Commands Problem You want to change the privilege level of specific IOS commands Solution To reduce the privilege level of an enable command from 15 to 1, use the following command: Router1#configure terminal Enter configuration commands, one per line. ... [full story]

Using Static Routing Problem You want to configure a static route. Solution You can configure a static route with the ip route command, as follows: Router#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)#ip route 10.35.15.5 255.255.255.255 Ethernet0 Router(config)#end Router# You can also configure a ... [full story]

Floating Static Routes Problem You want to use a static route only when the dynamic route is not available. Solution The router will use a floating static route for a particular network prefix only if that same route is not available from the dynamic ... [full story]

Using Policy-Based Routing to Route Based on Source Address Problem You want to use different network links depending on the source address. Solution Policy-based routing allows you to configure special routing rules beyond the normal IP routing table. One common application is to ... [full story]

Unicast Updates for RIP Problem You want to exchange routing information with one device on a network, but not with any others. Solution You can configure RIP to send its updates to a neighboring router using unicast instead of broadcast or multicast packets. ... [full story]

Applying Offsets to Routes Problem You want to modify the routing metrics for routes learned from or sent out through a particular interface. Solution You can modify the RIP metrics for a list of routes learned through a particular interface with the offset-list ... [full story]

Adjusting Timers Problem You wish to tune your routing protocol performance to improve the time that the network takes to converge after a topology change. Solution RIP has several timers that control things like how often it sends updates and how long it ... [full story]

Configuring Interpacket Delay Problem You want to slow down the rate that a router sends the packets in a single update to ensure that slower devices aren't so overwhelmed that they lose information. Solution Use the output-delay configuration command to adjust the inter-packet ... [full story]

Enabling Nonperiodic Updates Problem You want to reduce RIP bandwidth requirements by configuring routers to forward changes only to the routing table instead of forwarding the entire routing table every 30 seconds. Solution The ip rip triggered interface configuration command tells the router ... [full story]

Increasing the RIP Input Queue Problem You want to increase the size of the RIP input queue to prevent your low-speed router from losing routing information. Solution To increase the size of the shared RIP queue, use the input-queue configuration command: Router2#configure terminal Enter ... [full story]

Configuring RIP Version 2 Problem You want to use the more flexible features of RIP Version 2. Solution By default, Cisco routers will listen for both RIP Version 1 and 2 packets, but they will only send Version 1. If you want to ... [full story]

Enabling RIP Authentication Problem You want to authenticate your RIP traffic to ensure that unauthorized equipment cannot affect how traffic is routed through your network. Solution The following set of commands enables plain-text RIP authentication: Router1#configure terminal Enter configuration commands, one per line. ... [full story]

RIP Route Summarization Problem You want to decrease the size of your routing tables to improve the stability and efficiency of the routing process. Solution You can manually configure address summarization on an individual interface with the ip summary-address rip configuration command: Router1#configure terminal ... [full story]

Route Tagging Problem You want RIP to include a tag when it distributes specific routes to prevent routing loops when redistributing between routing protocols. Solution RIP Version 2 allows you to tag external routes. For a static route, for example, the configuration looks ... [full story]

Default Passive Interface Problem You want to disable RIP on all of a router's interfaces, except for a few that you specify. Solution You can disable the sending of RIP updates on all interfaces with the passive-interface default command: Router1#configure terminal Enter configuration commands, one per ... [full story]

Disabling RIP on an Interface Problem You want to prevent an interface from participating in RIP. Solution You can prevent an interface from participating in RIP with the following set of commands: Router1#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router1(config)#access-list ... [full story]

Creating a Default Route in RIP Problem You want RIP to propagate a default route. Solution There are two ways to get RIP to propagate a default route. The preferred method is using the default-information originate command as follows: Router1#configure terminal Enter configuration commands, ... [full story]

Using Policy-Based Routing to Route Based on Application Type Problem You want different applications to use different network links. Solution This example is similar to the previous one, except that instead of looking at the source address of the incoming IP packet, it looks ... [full story]

Examining Policy-Based Routing Problem You want to see information about how policy-based routing has been applied on a router. Solution The show ip policy command shows what routing policies have been applied on a router. Here is the output for a router that has ... [full story]

Changing Administrative Distances Problem You want to change the administrative distance for an external network. Solution You use the distance command to adjust the administrative distance for a particular routing protocol. The precise syntax depends on the routing protocol. This example uses RIP: Router#configure terminal Enter ... [full story]

Routing Over Multiple Paths with Equal Costs Problem You want to restrict how many paths your router can use simultaneously to reach a particular destination. Solution By default, the router will install up to four routes to the same destination for most routing protocols, ... [full story]

Static Routes That Track Interfaces or Other Routes Problem You want to install a static route only when an interface fails or a prefix drops out of the routing table. Solution One of the interesting new features in IOS Versions 12.3T and 12.4 is ... [full story]

Keeping Statistics on Routing Table Changes Problem You want to keep statistics on how stable your routing table is. Solution IOS Version 12.0 introduced a seldom-used feature that allows you to statistically monitor fluctuations in your routing tables: Router#configure terminal Enter configuration commands, one per line. ... [full story]

Configuring RIP Version 1 Problem You want to run RIP on a simple network. Solution The following commands show how to configure basic RIP functionality: Router2#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router2(config)#interface Ethernet0 Router2(config-if)#ip address 192.168.30.1 255.255.255.0 Router2(config-if)#interface Serial0.1 Router2(config-subif)#ip address 172.25.2.2 255.255.255.0 Router2(config-subif)#exit Router2(config)#router ... [full story]

Filtering Routes with RIP Problem You want to restrict what routing information is exchanged within RIP. Solution You can filter inbound RIP routes on a per interface basis with a distribute-list: Router2#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router2(config)#access-list 10 ... [full story]