Basic configuration of a Cisco router for Internet connectivity.

Configuring Cisco from the specialists of WiFiLab is always professional and high quality!

Cisco Setup: Connecting your office to the Internet

This article details the process of configuring a Cisco 881 router to connect your office network to the Internet. Note that the configuration commands for other Cisco router models, such as the 1841, 2800, and 3825, will be similar, although there may be differences in interface names and numbering.

Wiring diagram description

Present in our scheme are:

• Channel to the Internet using a static IP address
• Multiple computers on the office LAN
• Cisco router
• Switch for organizing a local area network

The main task is to provide access of local network computers to the Internet.

Step 0: Clear the router configuration

The first thing to do before you start configuring your Cisco router is to clear the startup configuration of the device. To do this, connect to the console port of the router using a special cable and execute the following commands:

1. Log in to privileged mode (you may need to enter a username and password):

   router> enable


2. Delete the startup configuration:

   router# write erase


3. Confirm the deletion and reboot the router:

   router# reload


After rebooting, the router will prompt you to start basic setup. Refuse to do so:

Now only the standard default strings will remain in the router configuration, and you can move on to the main configuration.

Step 1: Configuring the device name

Set the router name for ease of administration:

Step 2: Configuring the interfaces

Two interfaces need to be configured: an external interface for communication with the Internet and an internal interface for the local network. The external interface will receive IP addresses and mask provided by the ISP, and the internal interface will be configured for the 192.168.0.0/24 network.

Suppose a service provider has provided the following addresses:

• Network: 200.150.100.0
• Subnet mask: 255.255.255.255.252 (/30)
• Default gateway: 200.150.100.1

Configuring the external interface:

Connect this router interface to the ISP equipment and check its availability using the command ping:

1. First, check your own interface:

   R-DELTACONFIG# ping 200.150.100.2


2. Then check the access to the ISP gateway:

   R-DELTACONFIG# ping 200.150.100.1


After ensuring that the gateway is available, proceed to configure the internal interface.

The following addressing will be used on the LAN:

• Network: 192.168.0.0
• Subnet mask: 255.255.255.255.0
• The internal address of the router (gateway): 192.168.0.1

To configure the internal interface, use the command to enter Vlan 1 virtual interface configuration mode:

Then bind the virtual interface to the physical interface:

Now connect the Fa 0 interface to the switch to which the workstations are connected and check the availability of the router interface using the command ping.

Step 3: Configuring Remote Access to the Router

You can use Telnet or SSH protocols to remotely access the router console. Let’s consider configuring a secure connection via SSH:

1. Enable SSH version 2 and set the domain name:

   R-DELTACONFIG (config)# ip ssh version 2
R-DELTACONFIG (config)# ip domain-name xxx.ru


2. Generate RSA keys:

   R-DELTACONFIG (config)# crypto key generate rsa
How many bits in the modulus [512]: 1024


3. Set the user name and password:

   R-DELTACONFIG (config)# username admin privilege 15 secret 0 *****


4. Enable authorization through the local base:

   R-DELTACONFIG (config)# line vty 0 4
R-DELTACONFIG (config-line)# login local


5. Set the password to privileged mode:

   R-DELTACONFIG (config-line)# enable secret 0 *****


You can now remotely connect to the router using a program that supports SSH.

Step 4: Configure the default gateway

Specify a default gateway to route packets to the Internet:

Check the availability of external addresses by running the command ping:

Step 5: Configuring NAT

To access the Internet from the local network, you must configure dynamic translation of internal addresses to an external IP address. Specify a list of internal addresses to be translated:

Configure the interfaces for NAT:

Create a broadcast rule:

Workstations should now be able to access the Internet, provided their default gateway is the internal IP address of the router (192.168.0.1). Check this with the command ping.

Important!

Don’t forget to save the changes on all devices using the command:

Thus, you have completed the configuration of the Cisco router and made the LAN accessible to the Internet.