To restore the router configuration to factory defaults, hold the reset button on the unit for 30 seconds.
Once your router is hard reset, you will need to login and reconfigure it again.
To reconfigure your LinkSys, connect a PC to one of it's Ethernet ports, load a web browser, and go to the URL http://192.168.1.1/. This will take you to a popup box which asks you to enter a username and password to login to your router.
On older LinkSys routers, the default username is blank and the default password is "admin." On newer Linksys routers, both the default username and the default password are set to "admin."
Once you are past the login screen, you are able to reconfigure the LinkSys router.
To access the Access Points Setup, and the LAN IP address has not changed, then computer must have an IP address of 192.168.1.XXX. If the Access Point is plugged in via Ethernet to a Linksys Router and the computer is also connected a Linksys router via Ethernet, then the PC should already have a correct IP address (unless the LAN IP Address of the Router has been changed). If unsure, please assign the computer a Static IP Address so it will have an IP address in the same range as the Access Points IP Address.
|
The main difference between a hub and a switch is on a theoretical plane, called OSI. There are 7 layers to the OSI model, and hubs lye on layer 1, the physical layer, Vs a switch which lies on layer 2, the data link layer. | |||
| | |||
| |
To properly pin out a CAT5 cable to the 568B standard insert the wires in the following pin order. This order should be done while the pins facing you and the clip facing down:
Pins 1,2,3, and 6 are used for communication and the other 4 are used as grounds, so it is essential that your cable is pinned out correctly, else it will not work properly at 100Mb. | |||||||||||||||||
| | |||||||||||||||||
| | |||||||||||||||||
| | | |
his is an example of how to setup a VPN tunnel between two Linksys VPN routers that have a Static IP Address. Router 1 Configuration | |
| WAN IP Address | 141.2.3.4 |
| LAN IP Address | 192.168.1.1 |
| Local Secure Group IP | 192.168.1.0 |
| Local Secure Group Mask | 255.255.255.0 |
| |||||||||||
| |||
Accessing the Routers | | ||
| | |||
Configuring the Router | | | |
Power Cycling | | |
Each model of LinkSys router will differ slightly, but the general design is similar across all models. Therefore, the setup is similar across all models.
LinkSys routers now ship with a Setup Wizard which is intended to simplfy basic configuration tasks.
We do not recommend the LinkSys Setup Wizard for two reasons:
Instead, we recommend simply starting your web browser and jumping into the configuration.
Once your web browser is open, go to the URL http://192.168.1.1/. This will take you to a popup box which asks you to enter a username and password.
The username is either blank or "admin" and the default password is "admin".
Once you are past the login screen, you are able to access (and change) a plethora of configuration options for your router.
Don't be worried by the enormous number and variety of options, your LinkSys router ships with default settings that enable it to work right out of the box in most environments.
From here the configuration options that you choose are largely up to your own personal preference.
If this is a wireless router, we recommend that you consider setting an SSID to identify the router as your own and configuring WEP to encrypt your wireless traffic.
Learn how to set up your Linksys Router.
Thomas installs a Linksys router to demonstrate what ease-of-use means.
After you've removed the 871W from the box and plugged in the power adapter, plug the supplied console cable into a valid serial port on your computer. If you have a laptop that doesn't have a serial port, you will need a USB-to-serial adapter. For ideal testing purposes, you'll need a wireless LAN-capable laptop and a desktop computer.
Plug the desktop computer into F1 or FastEthernet port 1. (This is the second port from left in Figure B, since F0 is the first.) Most desktop computers have at least a COM1 port, so you can use that as the console configuration computer. Plug the RJ45 end of the console port into the right-most RJ45 port labeled "console." If all you have is the laptop, you can use that to test the wired and wireless functionality.
Figure B |
 |
For more details on the hardware setup procedure, see the quick start guide from Cisco on the 850 and 870 series router. (This is actually a fairly decent hardware guide from Cisco.)
The first thing I do with all the newer Cisco routers is wipe the default configuration on them. Old school routers didn't have any username and passwords assigned to them, but these new devices are different. You must first log in with username "cisco" and password "cisco." The "c" in "cisco" may need to be capitalized on certain access points and routers, but most of the newer Cisco devices are like this. After you've logged in, you'll need to type the following commands:
Once the router is rebooted, you'll see a "router>" prompt and there will be no passwords required. Now you're starting with a clean slate. Note that for our particular lab exercise, you'll need to create two VLANs before you go into global configuration mode. You'll do that with the following commands:
Once the VLANs are created, you'll be able to enter global configuration mode by typing the old "config t" command.
I've always thought that the Cisco configuration guides were too difficult to use, with their inline comments and hints, so I've created my own configuration template system in Microsoft Excel. Thanks to our development blogger, Justin James, who wrote a quick replacement button that automatically generates a ready-to-use configuration output, we have a truly useful new tool for documenting and creating CLI configuration files. For this tutorial, I've created this Cisco 871W SOHO template, embedded with Justin's new rapid replace functionality.
Once you've downloaded the template for this tutorial, it's easy to generate your own Cisco 871W configuration. All you need to do is fill out the yellow section shown in Figure C on the Variables sheet.
Figure C |
 |
Figure D shows the Reference sheet in the configuration template with substitute variable names in red fonts and enclosed in [brackets]. The Replace button will copy the contents of the Reference sheet to a new sheet called 871W (user-configurable in cell G5) with an auto-incrementing number behind it for each new configuration you create.
Figure D |
 |
Once the output is created, you can copy the Command column with your customized settings (starting below the "Command" label) and paste it into your console. Note that all the Excel formatting will be excluded from the paste command, which is exactly what we want. Some commands take longer than others to insert because the router has to think, so I would recommend that you do a small section at a time. The console is also known to drop certain statements if you paste too fast, so make sure the router takes every command.
You'll have to verify with the "show run" command. When you're satisfied, be sure to issue the "write mem" command to commit all the changes permanently so that the settings will remain the next time you reboot the router.
Notice that on the Reference sheet, I labeled all the commands with their purpose. This is for reference, learning, and documentation purposes. It would be wise to look through the entire Reference sheet so you'll understand what most of the lines are doing.
The final Excel file is perfect for initial setup and permanent documentation. Anyone with any knowledge of Cisco devices should readily understand what's going on with this Excel template. The spreadsheet format help make Cisco CLI more readable and understandable.
You can also change the Reference sheet if you want to modify the template to suit your own purposes. For example, you may not want to force your guests to use WPA-PSK security instead of WEP. and you may even want to leave it wide open and offer a free hotspot. In future articles, we'll go over QoS options to restrict the amount of bandwidth the guest network can consume and to prioritize latency-sensitive applications, like VoIP and online gaming. We'll accompany those articles with an updated CLI template for you to download.
Your desktop PC connected to port F1 should be on the internal LAN. You should be able to acquire an address in the internal network. If you left my IP scheme default, that should be an IP address of 192.168.1.100. You should be able to ping 192.168.1.1 and 192.168.2.1, which are the IP addresses of the BVI 10 and 20 interfaces.
Once the configuration is complete, you'll need to log in with the username and password you configured. If pinging doesn't work, check the IP address configuration on your BVI interfaces.You can't use telnet or SSH if you can't even ping the router, so you'll need to use the console to troubleshoot. You can troubleshoot IP configuration with the "show ip int brief" command, which will display a listing of all the interfaces in your Cisco 871W router, as shown in Figure E.
Figure E |
 |
You should also be able to ping something like techrepublic.com.com if you've entered a valid DNS server. If you can't ping any Web site that you know should work, try pinging your DNS server and see whether it's available. If that doesn't work, you'll need to troubleshoot and verify that your configuration is correct. A good thing to check is whether your Dialer1 interface has been assigned an IP address from your DSL provider yet. If this were a cable modem, it would simply be the FastEthernet4 interface configured in DHCP mode.
If you're able to ping everything mentioned above, test your wireless laptop by connecting to both wireless LANs. From the guest network, try to ping 192.168.1.1 and make sure it fails, to prove the Guest-ACL is working. The Guest-ACL can be modified to have exceptions if, for example, you want your guests to be able to print. The guest network should be able to get to everything on the Internet. If you still have problems, post your question in the article discussion and send me a private TechRepublic message.
The Cisco 871W router is a relatively low cost device ($500 to $700, depending on licensing options) that can perform the wide range of duties described in this earlier blog. We selected the Cisco 871W for this series of tutorials because it has massive utility in an affordable router and can offer many lessons that apply to a wide range of Cisco equipment. Just about anyone can purchase one or two of these routers to practice with in their IT department lab, and the device can be given to employees to separate their corporate extension in their home from their personal home network.
In this tutorial, I will show you how to configure a Cisco 871W router in an advanced SOHO configuration that offers:
Figure A shows a logical diagram of the configuration. The orange represents the guest network and the green represents the internal network. The two wireless LANs are bridged to their respective VLANs using BVI (Bridge Virtual Interface) 10 and 20. The router will have port F0 configured for wired guest access and F1 through F3 configured for internal network access. Port F4 is the WAN interface configured to dial PPPoE to an ADSL modem. The orange guest wired or wireless networks will have full access to the Internet but no access to the green internal network. The internal network will have full access to the orange guest network and the Internet. The guest wireless LAN will have an SSID of GuestWLAN, and the internal wireless LAN will have an SSID of InternalWLAN. For now, the Cisco 871W is capable of broadcasting only one SSID, so GuestWLAN will be the only one broadcasting. Future firmware will fix this shortcoming. For anyone wondering, SSID hiding is a worthless security feature.
Figure A |
 |
These products are designed for multiple and remote-site network-centric video surveillance.
A highly scalable and reliable video management platform for network-based video solutions, the Cisco Video Surveillance Media Server manages, replicates, distributes, and archives video streams.
The Cisco Video Surveillance Operations Manager authenticates and manages access to video feeds. It is a centralized administration tool for management of media servers, virtual matrixes, cameras, encoders, and viewers.
The Cisco Video Surveillance Virtual Matrix monitors video feeds in command center and other 24-hour monitoring environments. It allows operators to control the video being displayed on multiple local and remote monitors.
The Cisco Video Surveillance Storage System removes any artificial limits to the amount and location of storage and allows customers to store as much video as they desire.
This single-box solution encodes, distributes, manages, and archives digital video feeds. Each server encodes up to 64 channels and provides up to 12 TB of storage.
The Cisco Video Surveillance IP Cameras are high-resolution, professional digital cameras designed for superior performance in a wide variety of environments.
The Cisco Video Surveillance 2500 Series camera has an enhanced, progressive scan imager for excellent video and color, even in the most demanding lighting conditions. It uses MPEG-4 compression to produce DVD-quality video.
The Cisco Video Surveillance 4000 Series IP Cameras are feature-rich digital cameras designed for superior performance in a wide variety of video surveillance applications. The cameras employ true high-definition (HD) video and H.264 compression, offering efficient network utilization with the highest-quality video.
These products are designed for single-site deployments in which you want to retain the use of your analog video surveillance matrix switch.
High-performance IP gateway encoders help you mix and match analog cameras from various vendors and facilitate video transport and access over an IP network. IP gateway decoders allow you to continue using familiar analog keyboards and displays while taking advantage of new capabilities.
This rack-mountable 16-slot chassis for Cisco Video Surveillance IP Gateway modules has up to 64 encoder ports in a single chassis.
The Cisco Video Surveillance Services Platform provides cost-effective and fault-tolerant event-tagged video recording and storage. It includes models for SCSI (Small Computer System Interface) and Fibre Channel connections to external storage arrays.
This fault-tolerant, scalable video recording and storage solution works with existing analog matrix switches and can accept video through either built-in digitization and compression technologies or Ethernet and USB connections.
This collection of discrete software modules provides advanced and flexible video surveillance system configuration, management, and operation, and viewing of live and recorded event-tagged video.
Build a Resilient FoundationCreate a more intelligent, responsive integrated network based on adaptive and resilient technologies. |  |
There are 3 different modes of operation within the Cisco IOS.
In the Disabled mode you can use a limited number of commands. This is used primarily to monitor the router.
The Enabled mode is used to show configuration information, enter the configuration mode, and make changes to the configuration.
The Configuration mode is used to enter and update the runtime configuration.
To get a list of the commands for the cisco type '?' at the prompt. To get further information about any command, type the command followed by a '?'.
| clear | Reset functions |
| clock | Manage the system clock |
| configure | Enter configuration mode |
| debug | Debugging functions (see also 'undebug') |
| disable | Turn off privileged commands |
| enable | Turn on privileged commands |
| erase | Erase flash or configuration memory |
| exit | Exit from the EXEC |
| help | Description of the interactive help system |
| login | Log in as a particular user |
| logout | Exit from the EXEC |
| no | Disable debugging functions |
| ping | Send echo messages |
| reload | Halt and perform a cold restart |
| setup | Run the SETUP command facility |
| show | Show running system information |
| telnet | Open a telnet connection |
| terminal | Set terminal line parameters |
| test | Test subsystems, memory, and interfaces |
| traceroute | Trace route to destination |
| tunnel | Open a tunnel connection |
| undebug | Disable debugging functions (see also 'debug') |
| verify | Verify checksum of a Flash file |
| write | Write running configuration to memory, network, or terminal |
| show | |
| access-lists | List access lists |
| arp | ARP table |
| buffers | Buffer pool statistics |
| configuration | Contents of Non-Volatile memory |
| controllers | Interface controller status |
| debugging | State of each debugging option |
| dialer | Dialer parameters and statistics |
| extended | Extended Interface Information |
| flash | System Flash information |
| flh-log | Flash Load Helper log buffer |
| history | Display the session command history |
| hosts | IP domain-name, lookup style, name servers, and host table |
| interfaces | Interface status and configuration |
| ip | IP information |
| isdn | ISDN information |
| line | TTY line information |
| logging | Show the contents of logging buffers |
| memory | Memory statistics |
| privilege | Show current privilege level |
| processes | Active process statistics |
| protocols | Active network routing protocols |
| queue | Show queue contents |
| queueing | Show queueing configuration |
| reload | Scheduled reload information |
| route-map | route-map information |
| running-config | Current operating configuration |
| sessions | Information about Telnet connections |
| smf | Software MAC filter |
| stacks | Process stack utilization |
| startup-config | Contents of startup configuration |
| subsys | Show subsystem information |
| tcp | Status of TCP connections |
| terminal | Display terminal configuration parameters |
| users | Display information about terminal lines |
| version | System hardware and software status |
View the Software Version
View the Ethernet IP
View the Serial IP
View the Default Route
View the Filters
View the Bandwidth
Add a Static Route
Change the Dial Number
Turn Filters On and Off
Ping from the Router
Traceroute from the Router
Cisco>en
Cisco#wr term <--- Shows the running configuration Building configuration... Current configuration: ! version 11.2 no service udp-small-servers no service tcp-small-servers ! hostname Cisco ! interface Ethernet0 ip address 192.168.1.1 255.255.255.0 ! interface Serial0 ip address 192.168.6.1 255.255.255.0 encapsulation frame-relay frame-relay lmi-type ansi ! interface Serial1 ip address 192.168.4.2 255.255.255.0 encapsulation frame-relay bandwidth 1536 keepalive 5 frame-relay map ip 192.168.4.1 101 IETF ! router rip version 2 network 192.168.4.0 network 192.168.6.0 neighbor 192.168.6.2 neighbor 192.168.4.1 ! ip classless ip route 0.0.0.0 0.0.0.0 192.168.6.2 ip route 0.0.0.0 0.0.0.0 192.168.4.1 ! line con 0 line aux 0 line vty 0 4 login ! end Router#wr term
This will show the running configuration.
Within the configuration, you will see an interface ethernet 0 section:
interface Ethernet0
ip address 38.150.93.1 255.255.255.0
no ip directed-broadcast
Router#wr term
Within the configuration, you will see an interface serial 0 section:
interface Serial0
ip address 38.21.10.100 255.255.255.0
ip broadcast-address 38.21.10.255
ip access-group 106 in
encapsulation frame-relay
bandwidth 56
no fair-queue
frame-relay map ip 38.21.10.1 500 IETF
Router#wr term
Within the configuration, you will see an ip route section.
In the ip route section, look for a route:
ip route 0.0.0.0 0.0.0.0 38.167.29.1
The last ip address is the POP ip.
Router#wr term
Under interface serial 0, look for:
ip access-group 104 in
ip access-group 105 out
This means that access-group 104 is the inbound filter set and
access-group 105 is the outbound filter set.
Then, continue to look in the configuration for the access-list statements:
(Example access-list statements)
access-list 104 deny ip 38.166.101.0 0.0.0.255 any
access-list 104 permit tcp any any established
access-list 104 permit tcp any eq ftp-data any gt 1023
access-list 104 permit udp any eq domain any gt 1023
access-list 104 permit udp any eq domain any eq domain
access-list 104 permit icmp any any
access-list 104 permit udp any eq snmp any gt 1023
access-list 105 deny ip any 38.166.101.0 0.0.0.255
access-list 105 permit tcp any any established
access-list 105 permit tcp any any eq ftp
access-list 105 deny udp any eq netbios-ns any
access-list 105 deny udp any eq netbios-dgm any
access-list 105 permit ip any any
Router#wr term
Within the config, you will see an interface serial 0 section:
interface Serial0
ip address 38.21.10.100 255.255.255.0
ip broadcast-address 38.21.10.255
ip access-group 106 in
encapsulation frame-relay
bandwidth 56
no fair-queue
frame-relay map ip 38.21.10.1 500 IETF
Cisco#config t
Enter configuration commands, one per line. End with CNTL/Z.
Cisco(config)#ip route DEST.DEST.DEST.DEST MASK.MASK.MASK.MASK GATE.GATE.GATE.GATE
where: DEST.DEST.DEST.DEST = The destination network the static route is for
MASK.MASK.MASK.MASK = The subnet mask of the destination network
GATE.GATE.GATE.GATE = The gateway of the static route
Example route statement:
ip route 38.222.75.0 255.255.255.0 38.20.5.1
Cisco(config)#^Z (hit z)
Write the entry to memory:
Cisco#wr mem
Building configuration...
[OK]
Type en to put the router in enable mode:
test.com>en
The password should be the same as the one used to telnet in.
Password:
To view the router's configuration, type:
test.com#show config
There will be a line in the configuration that says:
dialer map IP 38.1.1.1 speed 64 name LD3330 2707000
The 2707000 is the dial number.
NOTE: Record what interface the dialer map IP line is under because you will need to
use that interface when changing the number.
Type config t to configure from terminal.
test.com#config t
Enter configuration commands, one per line. End with CNTL/Z.
Enter the interface that the dialer map IP line is under:
test.com(config)#interface BRI0
Add in the new dialer map IP line with the new phone number:
test.com(config)#dialer map IP 38.1.1.1 speed 64 name LD3330 [new number]
Now, remove the old dialer map IP line.
To remove a line, type no and then the line.
For example, to remove the old dialer map IP, type:
test.com(config)#no dialer map IP 38.1.1.1 speed 64 name LD3330 2707020
Now leave config mode:
test.com(config)# [control] z
Save changes:
test.com# write mem
Building configuration...
[OK]
Verify the new number is in the config:
test.com#show config
The new number should be in the dialer map IP line. To turn the filters off:
Router#configure terminal
Router(config)#interface Serial0
Router(config-if)#no ip access-group 104 in
Router(config-if)#no ip access-group 105 out
Router(config-if)# Hit CTRL-Z
Router#wr mem
Building configuration...
[OK]
Router#
To turn the filters on:
Router#configure terminal
Router(config)#interface Serial0
Router(config-if)#ip access-group 104 in
Router(config-if)#ip access-group 105 out
Router(config-if)# Hit CTRL-Z
Router#wr mem
Building configuration...
[OK]
Router# Cisco#ping
Example:
Cisco#ping 38.8.14.2
