What you should know when installing Home Wireless Routers (Wi-Fi)

    One commonality that stands out when discussing Cisco network routers and switches: is the renowned Internetwork Operating System (IOS). This powerful “engine” is what powers all of these devices, ensuring their successful operation. This article will primarily center on iOS and analyze how to manipulate it. Before that occurs, though, I’d like you to be aware of the two distinct approaches used when operating with iOS: either through a Command Line Interface (CLI) or Graphical User Interface (GUI).

    The Command Line Interface (CLI) is a sophisticated method of configuring IOS devices. Utilizing the CLI, we can enter precise commands that will cause the desired behavior to occur. Therefore, we will have complete control and access to our Routers or Switches.

    The GUI (Graphical User Interface) offers a much more user-friendly approach for managing devices like these. Frequently, we rely on it when establishing small network gadgets such as Home Wireless Routers (Wi-Fi). This section will delve into how users can access Cisco IOS (versions 15.2 or 12.4) through the Command Line Interface for efficient operation.

    Introduction to the CLI

    Basic Router Configurations

    Now it’s time to dive into the exciting bits of this article and begin with a Cisco Router setup. Moreover, we will utilise a network simulator to establish our network environment.

    To ensure that our Cisco Router is up and running, here are some critical settings we’ll configure:

    • Hostname: the name of the device.
    • Passwords: securely encrypted or communicated in an open, unencrypted format.
    • IP addresses: within the interfaces.

    Remote access: easily administer your network devices through secure Telnet or SSH connections.

    a) User Access Levels In Cisco IOS

    They have developed three access levels with distinct activities available for each user for security reasons.

    1. Verify your connection to the internet by running commands such as ping or traceroute. (>)
    2. Get an inside look into what’s actually happening with the device. (#)
    3. To make any changes. (config)#

    Upon connecting to a Cisco device like a Router, Switch, or Firewall, you will be granted user exec mode (>) – the primary access level. With this user exec access level, you can only perform basic commands such as ping and traceroute.

    To access a greater set of commands and privileges, it’s essential to enter the following command: Router>enable. This will allow you to ascend the ladder and upgrade your level of control.

    We have reached the second access level: privilege mode – R1#. Here you can observe every action taken with the equipment (through various show commands), yet you cannot make any changes.

    Router>enable
    Router#

    To create alterations to the device, we would have to advance our access level up an additional notch – reaching a commanding level known as global configuration mode. This exalted status provides us with greater capabilities and privileges than before.

    Router#configure terminal
    Router(config)#

    By accessing the Cisco device’s global configuration mode, you can make any desired alterations with complete control – akin to having Windows Administrator or root user access on Linux.

    To ensure you’re prepared for any challenge, here are a few commands that I highly suggest familiarizing yourself with: If you want to save time and typing effort while still ensuring accuracy, we’ve got the perfect solution for composing longer commands.

    When you type “R1#show run” and hit the TAB key, it will autocomplete your command. Furthermore, if you enter a question mark (?), any subsequent commands will be displayed on-screen.

    R1 image

    b) Selecting a device name (Hostname)

    To alter the name of a Router or Switch, all you have to do is enter this command: (you will see it in the next image)

    Router(config)#hostname ROUTER_NAME
    ROUTER_NAME(config)#

    c) Securing access to the Router

    To protect your Router against unauthorized access, let’s look into how we can set up a password in privilege mode (#). Follow this straightforward process to complete the task:

    Securing access to the router image
    Router(config)#hostname R1
    R1(config)#enable password cisco or
    R1(config)#enable secret cisco123

    Utilizing this command will set a warning banner for anyone attempting to access the device, alerting them of potential consequences.

    R1(config)#banner motd "UNAUTHORISED ACCESS DENIED"

    If your query is regarding the distinctions between an “enable password”, and a “secret enable,” you’ve come to the right place. Here’s what sets them apart:

    Unauthorized access image

    One configuration (#enable secret) is encoded while the other (#enable password) remains unencrypted.

    Let’s begin by configuring the Router for network access (reachability) using the following topology:

    Router for network access image

    d) Configuring an IP address on the Router

    A Router is an invaluable tool that allows us to interconnect multiple networks seamlessly through various ports, typically two or three. We refer to a port as the physical space in which a cable can be connected. As for its corresponding logical side, we identify it as an interface.

    To recapitulate: 

    • Port = Physical
    • Interface = Logical

    For example, we will configure an IP (logical) address on the interface and physically connect it to a port via cable.

    For any communication to take place within the network, these interfaces require an IP address and must be enabled, meaning turn ON. As illustrated in the figure, you can easily configure an IP address on a network interface:

    IP address of the router image

    R1(config)#interface FastEthernet0/0
    R1(config-if)#ip address 192.168.1.1 255.255.255.0
    R1(config-if)#no shutdown

    f) Configuring remote access on a Router (Telnet, SSH)

    Telnet

    Network applications provide secure remote connections to networks, devices (such as routers and switches), or servers. This ensures reliable access from any location.

    R1(config)#line vty 0 14
    R1(config-line)#password cisco
    R1(config-line)#login

    To get started, we’ll need to enter our virtual lines (a total of 15), set the password (“Cisco”), and then initiate the Telnet process #login.

    SSH

    To safely connect to a local area network or Internet device remotely, SSH is the ideal protocol. To configure this on Cisco machines, it’s necessary to take certain steps:

    1. Establishing a personal login and password. 
    2. Establishing a Domain name 
    3. To ensure maximum safety, generating public and private key combinations is essential.
    4. To enable the virtual lines (vty) process, use the command #login local.

    In the figure below, you can see an example of the SSH configuration on a Cisco Router:

    SSH image
    R1(config)#username admin privilege 15 password admincisco321
    R1(config)#ip domain-name my.home.lab
    R1(config)#crypto key generate rsa modulus 1024
    R1(config)#ip ssh version 2
    R1(config)line vty 0 15
    R1(config-line)#login local
    R1(config-line)#transport input ssh telnet

    To sum up

    The Router is an essential device in any computer network because it interconnects multiple networks together. It has different networking protocols enabled (like RIP and OSPF) that assist him with the interconnection process. It also offers many different configurations for security purposes (like passwords on Virtual lines). In this article, we’ve learned how to set up an IP address on the Router, as well as for remote access (Telnet & SSH). We’ve also learned about some of the most important configurations a network administrator should know.

    César Daniel Barreto
    César Daniel Barreto
    César Daniel Barreto Quintero is a Chemistry graduate with a Master's in Heavy Crude Extraction. He specializes in Holistic Research Methodology in science and engineering and works as an Associate Research and Development Professional at the National Institute of Technology for Petroleum (INTEVEP). With 17 years of experience in chemical characterization of petroleum, he has received professional training in ISO and has studied Technology Transfer and Intellectual Property and its corresponding legislation. He has also studied scientific journalism and writing and has published scientific articles, technical reports, a chemical patent, and an oil field trademark. He aims to share his knowledge through short publications on intellectual property and information security legislation.

    Recent

    Read More