When it comes to configuring a new Cisco router, much of the configuration depends on what type of router it is as well as the purpose it will serve. However, there are certain things you should configure on every new Cisco router.
Hasn't there been a command that you wished Cisco would make standard on every router? Every administrator has his or her own list of commands they use to configure a router "just right."
Here's my list of 10 commands that I think you should configure on every router (in no particular order). After you read through them, post your own favourites in this article's talkback.
1. Configure a login account on the router, and use it on lines
I highly recommend configuring a real username and password account on routers and switches. By doing so, that means someone needs both a password and a username to gain access.
In addition, I recommend using a secret password for the username -- not just a regular password. This encrypts the password with strong MD5 encryption and enhances security.
Here's an example:
Router(config)# username root secret My$Password
After you've configured the username, you must enable the lines to use that name. Here's an example:
Router(config)# line con 0
Router(config-line)# login local
Router(config)# line aux 0
Router(config-line)# login local
Router(config)# line vty 0 4
Router(config-line)# login local
2. Set a hostname on your router
The default hostname on a router is -- you guessed it -- router. You can leave this default, and the router will still work. However, it only makes sense to rename the router to something that will uniquely identify it. Here's an example:
Router(config)# hostname Router-Branch-23
In addition, you can configure a domain name on the router so it knows which DNS domain it's in. Here's an example:
Router-Branch-23(config)# ip domain name ZDNet.com.au
3. Set a password to enter Privileged Mode
When it comes to setting a password to enter Privileged Mode, many people think of using the enable password command. However, instead of using this command, I highly recommend using the enable secret command instead.
This command encrypts the password with strong MD5 encryption so the prompt won't display it in clear text. Here's an example:
Router(config)# enable secret My$Password
4. Encrypt router passwords
Cisco routers don't encrypt passwords in their configuration by default. However, you can easily change this. Here's an example:
Router(config)# service password-encryption
5. Disable the Web server
Cisco routers also enable the Web server by default, which is a security risk. If you aren't going to use it, it's better to just turn it off. Here's an example:
Router(config)# no ip http server
7%
1%
