Wifi router

What you should know when installing Home Wireless Routers (Wi-Fi)

One commonality that stands out when discussing Cisco network routers and switches: is the renowned Internetwork Operating System (IOS). This powerful “engine” is what powers all of these devices, ensuring their successful operation. This article will primarily center on iOS and analyze how to manipulate it. Before that occurs, though, I’d like you to be aware of the two distinct approaches used when operating with iOS: either through a Command Line Interface (CLI) or Graphical User Interface (GUI).

The Command Line Interface (CLI) is a sophisticated method of configuring IOS devices. Utilizing the CLI, we can enter precise commands that will cause the desired behavior to occur. Therefore, we will have complete control and access to our Routers or Switches.

The GUI (Graphical User Interface) offers a much more user-friendly approach for managing devices like these. Frequently, we rely on it when establishing small network gadgets such as Home Wireless Routers (Wi-Fi). This section will delve into how users can access Cisco IOS (versions 15.2 or 12.4) through the Command Line Interface for efficient operation.

Introduction to the CLI

Basic Router Configurations

Now it’s time to dive into the exciting bits of this article and begin with a Cisco Router setup. Moreover, we will utilise a network simulator to establish our network environment.

To ensure that our Cisco Router is up and running, here are some critical settings we’ll configure:

  • Hostname: the name of the device.
  • Passwords: securely encrypted or communicated in an open, unencrypted format.
  • IP addresses: within the interfaces.

Remote access: easily administer your network devices through secure Telnet or SSH connections.

a) User Access Levels In Cisco IOS

They have developed three access levels with distinct activities available for each user for security reasons.

  1. Verify your connection to the internet by running commands such as ping or traceroute. (>)
  2. Get an inside look into what’s actually happening with the device. (#)
  3. To make any changes. (config)#

Upon connecting to a Cisco device like a Router, Switch, or Firewall, you will be granted user exec mode (>) – the primary access level. With this user exec access level, you can only perform basic commands such as ping and traceroute.

To access a greater set of commands and privileges, it’s essential to enter the following command: Router>enable. This will allow you to ascend the ladder and upgrade your level of control.

We have reached the second access level: privilege mode – R1#. Here you can observe every action taken with the equipment (through various show commands), yet you cannot make any changes.

Router>enable
Router#

To create alterations to the device, we would have to advance our access level up an additional notch – reaching a commanding level known as global configuration mode. This exalted status provides us with greater capabilities and privileges than before.

Router#configure terminal
Router(config)#

By accessing the Cisco device’s global configuration mode, you can make any desired alterations with complete control – akin to having Windows Administrator or root user access on Linux.

To ensure you’re prepared for any challenge, here are a few commands that I highly suggest familiarizing yourself with: If you want to save time and typing effort while still ensuring accuracy, we’ve got the perfect solution for composing longer commands.

When you type “R1#show run” and hit the TAB key, it will autocomplete your command. Furthermore, if you enter a question mark (?), any subsequent commands will be displayed on-screen.

R1 image

b) Selecting a device name (Hostname)

To alter the name of a Router or Switch, all you have to do is enter this command: (you will see it in the next image)

Router(config)#hostname ROUTER_NAME
ROUTER_NAME(config)#

c) Securing access to the Router

To protect your Router against unauthorized access, let’s look into how we can set up a password in privilege mode (#). Follow this straightforward process to complete the task:

Securing access to the router image
Router(config)#hostname R1
R1(config)#enable password cisco or
R1(config)#enable secret cisco123

Utilizing this command will set a warning banner for anyone attempting to access the device, alerting them of potential consequences.

R1(config)#banner motd "UNAUTHORISED ACCESS DENIED"

If your query is regarding the distinctions between an “enable password”, and a “secret enable,” you’ve come to the right place. Here’s what sets them apart:

Unauthorized access image

One configuration (#enable secret) is encoded while the other (#enable password) remains unencrypted.

Let’s begin by configuring the Router for network access (reachability) using the following topology:

Router for network access image

d) Configuring an IP address on the Router

A Router is an invaluable tool that allows us to interconnect multiple networks seamlessly through various ports, typically two or three. We refer to a port as the physical space in which a cable can be connected. As for its corresponding logical side, we identify it as an interface.

To recapitulate: 

  • Port = Physical
  • Interface = Logical

For example, we will configure an IP (logical) address on the interface and physically connect it to a port via cable.

For any communication to take place within the network, these interfaces require an IP address and must be enabled, meaning turn ON. As illustrated in the figure, you can easily configure an IP address on a network interface:

IP address of the router image

R1(config)#interface FastEthernet0/0
R1(config-if)#ip address 192.168.1.1 255.255.255.0
R1(config-if)#no shutdown

f) Configuring remote access on a Router (Telnet, SSH)

Telnet

Network applications provide secure remote connections to networks, devices (such as routers and switches), or servers. This ensures reliable access from any location.

R1(config)#line vty 0 14
R1(config-line)#password cisco
R1(config-line)#login

To get started, we’ll need to enter our virtual lines (a total of 15), set the password (“Cisco”), and then initiate the Telnet process #login.

SSH

To safely connect to a local area network or Internet device remotely, SSH is the ideal protocol. To configure this on Cisco machines, it’s necessary to take certain steps:

  1. Establishing a personal login and password. 
  2. Establishing a Domain name 
  3. To ensure maximum safety, generating public and private key combinations is essential.
  4. To enable the virtual lines (vty) process, use the command #login local.

In the figure below, you can see an example of the SSH configuration on a Cisco Router:

SSH image
R1(config)#username admin privilege 15 password admincisco321
R1(config)#ip domain-name my.home.lab
R1(config)#crypto key generate rsa modulus 1024
R1(config)#ip ssh version 2
R1(config)line vty 0 15
R1(config-line)#login local
R1(config-line)#transport input ssh telnet

To sum up

The Router is an essential device in any computer network because it interconnects multiple networks together. It has different networking protocols enabled (like RIP and OSPF) that assist him with the interconnection process. It also offers many different configurations for security purposes (like passwords on Virtual lines). In this article, we’ve learned how to set up an IP address on the Router, as well as for remote access (Telnet & SSH). We’ve also learned about some of the most important configurations a network administrator should know.

About natalie

natalie
Natalie Werner is a freelance writer, CISSP & CCSK Certified Cybersecurity specialist with over 20 years of experience in the banking industry. She's also co-founder and CEO at The Alliance for Cyber Security Excellence (The ACE), an international not -for profit organization that provides cyber security solutions to reduce risk exposure from threats like hacks or malware infections by bringing together trusted experts across various fields, including information technology (IT). As well as providing specialized operational courses on how to maintain your digital assets within IT domains such as data protection, Natalie offers strategic training designed to help organizations better understand their own business needs when it comes down to protecting against external risks brought about through technological advances

Check Also

Regulatory and Standard Compliance

Regulatory and Standard Compliance

Artificial intelligence, virtual reality, cashless payments, the Internet of Things, and many other information technology …