Sep 19, 2013

How to Recover Passwords on a Cisco Router


If you are locked out of a router because you forgot the password, you can change the configuration register to help you recover. As noted earlier, bit 6 in the configuration register tells the router whether to use the contents of NVRAM to load a router configuration.
The default configuration register value is 0x2102, which means that bit 6 is off. With the default setting, the router looks for and loads the router configuration stored in NVRAM (startup-config). To recover a password, you need to turn on bit 6, which tells the router to ignore the NVRAM contents. The configuration register value with bit 6 turned on is 0x2142.


Here are the main steps to password recovery:
  1. Boot the router and interrupt the boot sequence by performing a break.
  2. Change the configuration register to turn on bit 6 (with the value 0x2142).
  3. Reload the router.
  4. Enter privileged mode.
  5. Copy the startup-config file to running-config.
  6. Change the password.
  7. Reset the configuration register to the default value.
  8. Reload the router.
These steps are discussed in more detail in the following sections, showing the commands to restore access to 2600 and 2500 series routers.

 

Interrupting the Router Boot Sequence

Your first step is to boot the router and perform a break. Typically, you perform a break by pressing the Ctrl+Break key combination when using HyperTerminal.
System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1)
Copyright (c) 1999 by cisco Systems, Inc.
TAC: Home: SW: IOS: Specials for info
PC = 0xfff0a530, Vector = 0x500, SP = 0x680127b0
C2600 platform with 32786 Kbytes of main memory
PC = 0xfff0a530, Vector = 0x500, SP = 0x80004374
monitor: command "boot" aborted due to user interrupt
rommon 1 >
Notice the line "boot" aborted due to user interrupt. At this point, you will be at the rommon 1 > prompt on some routers.


Changing the Configuration Register
As explained earlier, you can change the configuration register by using the config-register command. To turn on bit 6, use the configuration register value 0x2142.


Cisco 2600 Series Commands
To change the bit value on a Cisco 2600 series router, simply enter the command at the rommon 1 > prompt:
rommon 1 > confreg 0x2142
You must reset or power cycle for new config to take effect


Cisco 2500 Series Commands
To change the configuration register on a 2500 series router, type o after creating a break sequence on the router. This brings up a menu of configuration register option settings. To change the configuration register, enter the command o/r, followed by the new register value. Here is an example of turning on bit 6 on a 2501 router:
System Bootstrap, Version 11.0(10c), SOFTWARE
Copyright (c) 1986-1996 by cisco Systems
2500 processor with 14336 Kbytes of main memory
Abort at 0x1098FEC (PC)
>o
Configuration register = 0x2102 at last boot
Bit# Configuration register option settings:
15 Diagnostic mode disabled
14 IP broadcasts do not have network numbers
13 Boot default ROM software if network boot fails
12-11 Console speed is 9600 baud
10 IP broadcasts with ones
08 Break disabled
07 OEM disabled
06 Ignore configuration disabled
03-00 Boot file is cisco2-2500 (or 'boot system' command)
>o/r 0x2142


Reloading the Router and Entering Privileged Mode
At this point, you need to reset the router, as follows:
  • From the 2600 series router, type reset.
  • From the 2500 series router, type i (for initialize).
The router will reload and ask if you want to use setup mode (because no startup-config is used). Answer No to entering setup mode, press Enter to go into user mode, and then type enable to go into privileged mode.


Viewing and Changing the Configuration
Now you are past the point where you would need to enter the user mode and privileged mode passwords in a router. Copy the startup-config file to the running-config file:

copy startup-config running-config
or use the shortcut:
copy start run
The configuration is now running in RAM, and you are in privileged mode, which means that you can view and change the configuration. Although you cannot view the enable secret setting for the password, you can change the password, as follows:
config t
enable secret 1234

Resetting the Configuration Register and Reloading the Router
After you are finished changing passwords, set the configuration register back to the default value with the config-register command:
config-register 0x2102
Finally, reload the router.

Sep 18, 2013

Cisco Router Configuration Tutorial

Acknowledgments
The following sources were extremely useful:


  • Leinwand, Pinsky, and Culpepper. Cisco Router Configuration. Indianapolis, Indiana: Cisco Press, 1998.
  • Cisco Systems, Inc., http://www.cisco.com



Disclaimer
This document carries no explicit or implied warranty. Nor is there any guarantee that the information contained in this document is accurate. It is offered in the hopes of helping others, but you use it at your own risk. The author will not be liable for any damages that occur as a result of using this document.
Conventions
Important terms and concepts, when they are introduced, may be displayed in bold. Commands included in the body of the text will be displayed in this font. All names and addresses used in examples are just that, examples, and should not be used on your network. Do not type them in verbatim when configuring your system. Finally, in some examples where the command requires an IP address as an argument, the IP address may be represented in this way, xx.xx.xx.xx, or aa.bb.cc.dd. You will never actually use these strings when configuring your system. They are merely a convention of this document to specify that you should substitute the appropriate IP address at that point.




 

1. What this document covers

There are several methods available for configuring Cisco routers. It can be done over the network from a TFTP server. It can be done through the menu interface provided at bootup, and it can be done from the menu interface provided by using the command setup. This tutorial does not cover these methods. It covers configuration from the IOS command-line interface only. It is useful for anyone new to Cisco routers, and for those studying for CCNA.
Note that this tutorial does not cover physically connecting the router to the networks it will be routing for. It covers operating system configuration only.

 

 

1.1 Reasons for using the command-line

The main reason for using the command-line interface instead of a menu driven interface is speed. Once you have invested the time to learn the command-line commands, you can perform many operations much more quickly than by using a menu. This is basically true of all command-line vs. menu interfaces. What makes it especially efficient to learn the command-line interface of the Cisco IOS is that it is standard across all Cisco routers. Also, some questions on the CCNA exam require you to know command-line commands.

 

 

2. Getting started with Cisco

Initially you will probably configure your router from a terminal. If the router is already configured and at least one port is configured with an IP address, and it has a physical connection to the network, you might be able to telnet to the router and configure it across the network. If it is not already configured, then you will have to directly connect to it with a terminal and a serial cable. With any Windows box you can use Hyperterminal to easily connect to the router. Plug a serial cable into a serial (COM) port on the PC and the other end into the console port on the Cisco router. Start Hyperterminal, tell it which COM port to use and click OK. Set the speed of the connection to 9600 baud and click OK. If the router is not on, turn it on.
If you wish to configure the router from a Linux box, either Seyon or Minicom should work. At least one of them, and maybe both, will come with your Linux distribution.
Often you will need to hit the Enter key to see the prompt from the router. If it is unconfigured it will look like this:
Router>
If it has been previously configured with a hostname, it will look like this:
hostname of router>
If you have just turned on the router, after it boots it will ask you if you wish to begin initial configuration. Say no. If you say yes, it will put you in the menu interface. Say no.

 

 

2.1 Modes

The Cisco IOS command-line interface is organized around the idea of modes. You move in and out of several different modes while configuring a router, and which mode you are in determines what commands you can use. Each mode has a set of commands available in that mode, and some of these commands are only available in that mode. In any mode, typing a question mark will display a list of the commands available in that mode.
Router>?

 

 

2.2 Unprivileged and privileged modes

When you first connect to the router and provide the password (if necessary), you enter EXEC mode, the first mode in which you can issue commands from the command-line. From here you can use such unprivileged commands as ping, telnet, and rlogin. You can also use some of the show commands to obtain information about the system. In unprivileged mode you use commands like show version to display the version of the IOS the router is running. Typing show ? will display all the show commands available in the mode you are presently in.
Router>show ?
You must enter privileged mode to configure the router. You do this by using the command enable. Privileged mode will usually be password protected unless the router is unconfigured. You have the option of not password protecting privileged mode, but it is HIGHLY recommended that you do. When you issue the command enable and provide the password, you will enter privileged mode.
To help the user keep track of what mode they are in, the command-line prompt changes each time you enter a different mode. When you switch from unprivileged mode to privileged mode, the prompt changes from:
Router>
to
Router#
This would probably not be a big deal if there were just two modes. There are, in fact, numerous modes, and this feature is probably indispensable. Pay close attention to the prompt at all times.
Within privileged mode there are many sub-modes. In this document I do not closely follow Cisco terminology for this hierarchy of modes. I think that my explanation is clearer, frankly. Cisco describes two modes, unprivileged and privileged, and then a hierarchy of commands used in privileged mode. I reason that it is much clearer to understand if you just consider there to be many sub-modes of privileged mode, which I will also call parent mode. Once you enter privileged mode (parent mode) the prompt ends with a pound sign (#). There are numerous modes you can enter only after entering privileged mode. Each of these modes has a prompt of the form:
Router(arguments)#
They still all end with the pound sign. They are subsumed within privileged mode. Many of these modes have sub-modes of their own. Once you enter privileged mode, you have access to all the configuration information and options the IOS provides, either directly from the parent mode, or from one of its submodes.

 

 

3. Configuring your Cisco Router

If you have just turned on the router, it will be completely unconfigured. If it is already configured, you may want to view its current configuration. Even if it has not been previously configured, you should familiarize yourself with the show commands before beginning to configure the router. Enter privileged mode by issuing the command enable, then issue several show commands to see what they display. Remember, the command show ? will display all the show commands available in the current mode. Definitely try out the following commands:
Router#show interfaces
Router#show ip protocols
Router#show ipv6 protocols
Router#show ip route
Router#show ipv6 route
Router#show ip arp
Router#show ipv6 neighbors
When you enter privileged mode by using the command enable, you are in the top-level mode of privileged mode, also known in this document as "parent mode." It is in this top-level or parent mode that you can display most of the information about the router. As you now know, you do this with the show commands. Here you can learn the configuration of interfaces and whether they are up or down. You can display what IP protocols are in use, such as dynamic routing protocols. You can view the route and ARP tables, and these are just a few of the more important options.
As you configure the router, you will enter various sub-modes to set options, then return to the parent mode to display the results of your commands. You also return to the parent mode to enter other sub-modes. To return to the parent mode, you hit ctrl-z. This puts any commands you have just issued into effect, and returns you to parent mode.

 

 

3.1 Global configuration (config)

To configure any feature of the router, you must enter configuration mode. This is the first sub-mode of the parent mode. In the parent mode, you issue the command config.
Router#config
Router(config)#
As demonstrated above, the prompt changes to indicate the mode that you are now in.
In configuration mode you can set options that apply system-wide, also referred to as "global configurations." For instance, it is a good idea to name your router so that you can easily identify it. You do this in configuration mode with the hostname command.
Router(config)#hostname ExampleName
ExampleName(config)#
As demonstrated above, when you set the name of the host with the hostname command, the prompt immediately changes by replacing Router with ExampleName. (Note: It is a good idea to name your routers with an organized naming scheme.)
Another useful command issued from config mode is the command to designate the DNS server to be used by the router:
ExampleName(config)#ip name-server aa.bb.cc.dd
ExampleName(config)#ctrl-Z
ExampleName#
This is also where you set the password for privileged mode.
ExampleName(config)#enable secret examplepassword
ExampleName(config)#ctrl-Z
ExampleName#
Until you hit ctrl-Z (or type exit until you reach parent mode) your command has not been put into effect. You can enter config mode, issue several different commands, then hit ctrl-Z to activate them all. Each time you hit ctrl-Z you return to parent mode and the prompt:
ExampleName#
Here you use show commands to verify the results of the commands you issued in config mode. To verify the results of the ip name-server command, issue the command show host.

 

 

3.2 Configuring Cisco router interfaces

Cisco interface naming is straightforward. Individual interfaces are referred to by this convention:
media type slot#/port#
"Media type" refers to the type of media that the port is an interface for, such as Ethernet, Token Ring, FDDI, serial, etc. Slot numbers are only applicable for routers that provide slots into which you can install modules. These modules contain several ports for a given media. The 7200 series is an example. These modules are even hot-swappable. You can remove a module from a slot and replace it with a different module, without interrupting service provided by the other modules installed in the router. These slots are numbered on the router.
Port number refers to the port in reference to the other ports in that module. Numbering is left-to-right, and all numbering starts at 0, not at one.
For example, a Cisco 7206 is a 7200 series router with six slots. To refer to an interface that is the third port of an Ethernet module installed in the sixth slot, it would be interface ethernet 6/2. Therefore, to display the configuration of that interface you use the command:
ExampleName#show interface ethernet 6/2
If your router does not have slots, like a 1600, then the interface name consists only of:
media type port#
For example:
ExampleName#show interface serial 0
Here is an example of configuring a serial port with an IP address:
ExampleName#config
ExampleName(config)#interface serial 1/1
ExampleName(config-if)#ip address 192.168.155.2 255.255.255.0
ExampleName(config-if)#ipv6 address fe80::230:1bff:fe80:b8ea/64
ExampleName(config-if)#ipv6 enable
ExampleName(config-if)#no shutdown
ExampleName(config-if)#ctrl-Z
ExampleName#
Then to verify configuration:
ExampleName#show interface serial 1/1
Note the no shutdown command. An interface may be correctly configured and physically connected, yet be "administratively down." In this state it will not function. The command for causing an interface to be administratively down is shutdown.
ExampleName(config)#interface serial 1/1
ExampleName(config-if)#shutdown
ExampleName(config-if)#ctrl-Z
ExampleName#show interface serial 1/1
In the Cisco IOS, the way to reverse or delete the results of any command is to simply put no in front of it. For instance, if we wanted to unassign the IP address we had assigned to interface serial 1/1:
ExampleName(config)#interface serial 1/1
ExampleName(config-if)#no ip address 192.168.155.2 255.255.255.0
ExampleName(config-if)#ctrl-Z
ExampleName#show interface serial 1/1
Configuring most interfaces for LAN connections might consist only of assigning a network layer address and making sure the interface is not administratively shutdown. It is usually not necessary to stipulate data-link layer encapsulation. Note that it is often necessary to stipulate the appropriate data-link layer encapsulation for WAN connections, such as frame-relay and ATM. Serial interfaces default to using HDLC. A discussion of data-link protocols is outside the scope of this document. You will need to look up the IOS command encapsulation for more details.

 

 

3.3 Configuring Cisco Routing

IP routing is automatically enabled on Cisco routers. If it has been previously disabled on your router, you turn it back on in config mode with the command ip routing.
ExampleName(config)#ip routing
ExampleName(config)#ctrl-Z
To enable IPv6 routing, use the command ipv6 unicast-routing.
ExampleName(config)#ipv6 unicast-routing
ExampleName(config)#ctrl-Z
There are two main ways a router knows where to send packets. The administrator can assign static routes, or the router can learn routes by employing a dynamic routing protocol.
Static routes are generally used in very simple networks or in particular cases that necessitate their use. To create a static route, the administrator tells the router operating system that any network traffic destined for a specified network layer address should be forwarded to a similarly specified network layer address. In the Cisco IOS this is done with the ip route and ipv6 route commands.
ExampleName#config
ExampleName(config)#ip route 172.16.0.0 255.255.255.0 192.168.150.1
ExampleName(config)#ctrl-Z
ExampleName#show ip route
ExampleName#config
ExampleName(config)#ipv6 route fe80::230:1bff:fe80::/64 fe80::230:1bff:fe80::1
ExampleName(config)#ctrl-Z
ExampleName#show ipv6 route
Two things to be said about this example. First, the packet destination address must include the subnet mask for that destination network. Second, the address it is to be forwarded to is the specified address of the next router along the path to the destination. This is the most common way of setting up a static route, and the only one this document covers. Be aware, however, that there are other methods.
Dynamic routing protocols, running on connected routers, enable those routers to share routing information. This enables routers to learn the routes available to them. The advantage of this method is that routers are able to adjust to changes in network topologies. If a route is physically removed, or a neighbor router goes down, the routing protocol searches for a new route. Routing protocols can even dynamically choose between possible routes based on variables such as network congestion or network reliability.
There are many different routing protocols, and they all use different variables, known as "metrics," to decide upon appropriate routes. Unfortunately, a router needs to be running the same routing protocols as its neighbors. Many routers can, however, run multiple protocols. Also, many protocols are designed to be able to pass routing information to other routing protocols. This is called "redistribution."
Routing protocols are a complex topic and this document contains only this superficial description of them. There is much to learn about them, and there are many sources of information about them available. An excellent source of information on this topic is Cisco's website, http://www.cisco.com.

 

 

3.4 IPv6 configuration with IOS

This is a separate section because IPv6 is new to most people, and they will be looking specifically for information about configuring IPv6. Examples of configuring IPv6 are included throughout the document, however, alongside IPv4. That is a more accurate reflection of how you will work with IPv6 on a day-to-day basis. Once the newness of IPv6 passes, it will be one more piece in the familiar puzzle.
The important concept to understand when configuring IPv6 is that IPv4 and IPv6 exist in parallel. One is not a replacement for the other, at least not in the way it is treated by the operating system. A term for this is dual stack. An interface can have an IPv4 address and no IPv6 address. Or an IPv6 address and no IPv4 address. Or both an IPv4 address and an IPv6 address. Examples:
IPv4 only
!
interface FastEthernet0/0
ip address 192.168.1.138 255.255.255.0
!

IPv6 only
!
interface FastEthernet0/0
ipv6 address fe80::230:1bff:fe80:b8ea/64
ipv6 enable
!

IPv4 and IPv6
!
interface FastEthernet0/0
ip address 192.168.1.138 255.255.255.0
ipv6 address fe80::230:1bff:fe80:b8ea/64
ipv6 enable
!
Notice that there are separate but similar commands for IPv4 and IPv6. To assign an IPv4 address,
ExampleName(config-if)#ip address 192.168.1.138 255.255.255.0
To assign an IPv6 address,
ExampleName(config-if)#ipv6 address fe80::230:1bff:fe80:b8ea/64
There are some bigger differences between IPv4 and IPv6 IOS commands. For example, the IPv6 equivalent of show ip arp is show ipv6 neighbors.

3.5 Saving your Cisco Router configuration

Once you have configured routing on the router, and you have configured individual interfaces, your router should be capable of routing traffic. Give it a few moments to talk to its neighbors, then issue the commands show ip route and show ip arp. There should now be entries in these tables learned from the routing protocol.
If you turned the router off right now, and turned it on again, you would have to start configuration over again. Your running configuration is not saved to any permanent storage media. You can see this configuration with the command show running-config.
ExampleName#show running-config
You do want to save your successful running configuration. Issue the command copy running-config startup-config.
ExampleName#copy running-config startup-config
Your configuration is now saved to non-volatile RAM (NVRAM). Issue the command show startup-config.
ExampleName#show startup-config
Now any time you need to return your router to that configuration, issue the command copy startup-config running-config.
ExampleName#copy startup-config running-config

 

 

3.6 Example Cisco Router configuration


Router>enable
Router#config
Router(config)#hostname N115-7206
N115-7206(config)#interface serial 1/1
N115-7206(config-if)#ip address 192.168.155.2 255.255.255.0
N115-7206(config-if)#ipv6 address fe80::230:1bff:fe80:b8ea/64
N115-7206(config-if)#ipv6 enable
N115-7206(config-if)#no shutdown
N115-7206(config-if)#ctrl-z
N115-7206#show interface serial 1/1
N115-7206#config
N115-7206(config)#interface ethernet 2/3
N115-7206(config-if)#ip address 192.168.150.90 255.255.255.0
N115-7206(config-if)#no shutdown
N115-7206(config-if)#ctrl-z
N115-7206#show interface ethernet 2/3
N115-7206#config
N115-7206(config)#ip name-server 172.16.0.10
N115-7206(config)#ctrl-z
N115-7206#ping archie.au
N115-7206#config
N115-7206(config)#enable secret password
N115-7206(config)#ctrl-z
N115-7206#copy running-config startup-config
N115-7206#exit

 

 

4. Troubleshooting your Cisco router

Inevitably, there will be problems. Usually, it will come in the form of a user notifying you that they cannot reach a certain destination, or any destination at all. You will need to be able to check how the router is attempting to route traffic, and you must be able to track down the point of failure.
You are already familiar with the show commands, both specific commands and how to learn what other show commands are available. Some of the most basic, most useful commands you will use for troubleshooting are:
Router#show interfaces
Router#show ip protocols
Router#show ipv6 protocols
Router#show ip route
Router#show ipv6 route
Router#show ip arp
Router#show ipv6 neighbors

 

 

4.1 Testing connectivity

It is very possible that the point of failure is not in your router configuration, or at your router at all. If you examine your router's configuration and operation and everything looks good, the problem might be farther up the line. In fact, it may be the line itself, or it could be another router, which may or may not be under your administration.
One extremely useful and simple diagnostic tool is the ping command. Ping is an implementation of the Internet Control Message Protocol (ICMP). Ping sends an ICMP echo request to a destination IP address. If the destination machine receives the request, it responds with an ICMP echo response. This is a very simple exchange that consists of:
Hello, are you alive?
Yes, I am.
ExampleName#ping xx.xx.xx.xx
If the ping test is successful, you know that the destination you are having difficulty reaching is alive and physically reachable.
If there are routers between your router and the destination you are having difficulty reaching, the problem might be at one of the other routers. Even if you ping a router and it responds, it might have other interfaces that are down, its routing table may be corrupted, or any number of other problems may exist.
To see where packets that leave your router for a particular destination go, and how far, use the trace command.
ExampleName#trace xx.xx.xx.xx
It may take a few minutes for this utility to finish, so give it some time. It will display a list of all the hops it makes on the way to the destination.

 

 

4.2 debug commands

There are several debug commands provided by the IOS. These commands are not covered here. Refer to the Cisco website for more information.

 

 

4.3 Hardware and physical connections

Do not overlook the possibility that the point of failure is a hardware or physical connection failure. Any number of things can go wrong, from board failures to cut cables to power failures. This document will not describe troubleshooting these problems, except for these simple things.
Check to see that the router is turned on. Also make sure that no cables are loose or damaged. Finally, make sure cables are plugged into the correct ports. Beyond this simple advice you will need to check other sources.

 

 

4.4 Out of your control

If the point of failure is farther up the line, the problem might lie with equipment not under your administration. Your only option might be to contact the equipment's administrator, notify them of your problem, and ask them for help. It is in your interest to be courteous and respectful. The other administrator has their own problems, their own workload and their own priorities. Their agenda might even directly conflict with yours, such as their intention to change dynamic routing protocols, etc. You must work with them, even if the situation is frustrating. Alienating someone with the power to block important routes to your network is not a good idea.

 

 

5. References


  • Leinwand, Pinsky, and Culpepper. Cisco Router Configuration. Indianapolis, Indiana: Cisco Press, 1998.
  • Cisco Systems, Inc., http://www.cisco.com

Idea of Cisco Router – Managing Configuration Registers


All Cisco routers have a 16-bit software register, which is written into NVRAM. By default, the configuration register is set to load the Cisco IOS from memory and to look for and load the startup-config file from NVRAM.


Binary Version of Configuration Register. Value Hex 2102
Bit:     15 14 13 12    11 10  9  8     7  6  5  4     3  2  1  0
Binary:   0  0  1  0     0  0  0  1     0  0  0  0     0  0  1  0

Software Configuration Meanings
Bit      Hex              Description
0-3      0x0000-0x000F    Boot field (see Table 7.4)
6        0x0040           Ignore NVRAM contents
7        0x0080           OEM bit enabled
8        0x0100           Break disabled
10       0x0400           IP broadcast with all zeros
11-12    0x0800-0x1000    Console line speed
13       0x2000           Boot default ROM software if network boot fails
14       0x4000           IP broadcasts do not have net numbers
15       0x8000           Enable diagnostic messages and ignore NVM contents





The Boot Field (Configuration Register Bits 00-03)
Boot Field    Meaning                              Use
00            ROM monitor mode                     To boot to ROM monitor mode, set the configuration register to 2100. You must manually boot the router with the b command. The router will show the rommon> prompt.
01            Boot image from ROM                  To boot an IOS image stored in ROM, set the configuration register to 2101. The router will show the router(boot)> prompt.
02-F          Specifies a default boot filename    Any value from 2102 through 210F tells the router to use the boot commands specified in NVRAM.




Checking the Current Configuration Register Value
You can see the current value of the configuration register by using the show version command (sh version or show ver for short), as in the following example:
Router#sh version
Cisco Internetwork Operating System Software
IOS (tm) C2600 Software (C2600-I-M), Version 12.0(3)T3,
RELEASE SOFTWARE (fc1)
[output cut]
Configuration register is 0x2102
The last item of information given by this command is the value of the configuration register. In this example, the value is 0x2102, which is the default setting. Notice that the show version command also provides the IOS version. In the example above, it shows the IOS version as 12.0(3)T3.
You can change the configuration register by using the config-register command. For example, the following commands tell the router to boot from ROM monitor mode and then show the current configuration register value:
Router(config)#config-register 0x0101
Router(config)#^Z
Router#sh ver
[cut]
Configuration register is 0x2102 (will be 0x0101 at next reload)



Notice that the show version command shows the current configuration register value, as well as what it will be when the router reboots. Any change to the configuration register will not take effect until the router is reloaded.
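The register layout in the tables above, and the bit 6 setting used in the password-recovery post, can be checked from show version output. The following Python is an added example, not code from the original posts: it decodes a register value with the page's bit table and reports any current or pending value other than 0x2102. The hostnames and sample output are constructed, and the console-speed field is returned as raw bits only.

```python
import re

# Flag bits as listed in the page's "Software Configuration Meanings" table.
FLAG_BITS = {
    6: "ignore NVRAM contents",
    7: "OEM bit enabled",
    8: "break disabled",
    10: "IP broadcast with all zeros",
    13: "boot default ROM software if network boot fails",
    14: "IP broadcasts do not have net numbers",
    15: "enable diagnostic messages and ignore NVRAM contents",
}
DEFAULT_REGISTER = 0x2102

# Matches the register line of "show version", with the optional pending value.
REGISTER_LINE = re.compile(
    r"configuration register is (0x[0-9a-f]{1,4})"
    r"(?:\s*\(will be (0x[0-9a-f]{1,4}) at next reload\))?",
    re.IGNORECASE,
)


def decode(value):
    """Break a 16-bit configuration register value into its fields."""
    if not 0 <= value <= 0xFFFF:
        raise ValueError("configuration register is a 16-bit value")
    boot = value & 0x000F  # bits 0-3
    if boot == 0:
        boot_meaning = "ROM monitor mode"
    elif boot == 1:
        boot_meaning = "boot image from ROM"
    else:
        boot_meaning = "use boot commands in NVRAM"
    return {
        "boot_field": boot,
        "boot_meaning": boot_meaning,
        "console_speed_bits": (value >> 11) & 0b11,  # bits 11-12, raw
        "flags": [FLAG_BITS[b] for b in sorted(FLAG_BITS) if value & (1 << b)],
    }


def parse_show_version(text):
    """Return (current, pending) register values, or None if no line matches.

    pending is None when no change is queued for the next reload.
    """
    match = REGISTER_LINE.search(text)
    if match is None:
        return None
    current = int(match.group(1), 16)
    pending = int(match.group(2), 16) if match.group(2) else None
    return current, pending


def findings(value):
    """List the reasons a register value deserves attention."""
    reasons = []
    if value & (1 << 6):
        reasons.append("bit 6 set: startup-config and its passwords are skipped")
    boot = value & 0x000F
    if boot == 0:
        reasons.append("boot field 0: router stops in ROM monitor")
    elif boot == 1:
        reasons.append("boot field 1: router boots the image in ROM")
    return reasons


def audit(outputs):
    """Check current and pending values in a {hostname: show version text} map."""
    report = []
    for host in sorted(outputs):
        parsed = parse_show_version(outputs[host])
        if parsed is None:
            report.append((host, "unknown", None, ["no register line found"]))
            continue
        for when, value in zip(("current", "pending"), parsed):
            if value is not None and value != DEFAULT_REGISTER:
                report.append((host, when, value, findings(value)))
    return report


# Constructed sample output; the hostnames are hypothetical.
SAMPLES = {
    "edge-1": "IOS (tm) C2600 Software\nConfiguration register is 0x2102\n",
    "lab-2": "IOS (tm) C2600 Software\nConfiguration register is 0x2142\n",
    "core-3": "IOS (tm) C2600 Software\n"
              "Configuration register is 0x2102 (will be 0x0101 at next reload)\n",
}

if __name__ == "__main__":
    for host, when, value, reasons in audit(SAMPLES):
        shown = "n/a" if value is None else f"0x{value:04X}"
        detail = "; ".join(reasons) or "non-default value"
        print(f"{host}: {when} register {shown}: {detail}")
```

A router left at 0x2142 after password recovery skips its startup-config on every reload, which is the lab-2 case in the sample.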

Idea of “The IEEE standardized protocol”-Part-11

Switch :
A network device that filters, forwards, and floods frames based on each frame’s destination address. The switch operates at the data link layer of the Open System Interconnection (OSI) reference model.


Synchronous :
The imposition of time ordering on a bit stream. Practically, a device will try to use the same speed as another device on the other end of a serial link. However, by examining transitions between voltage states on the link, the device can notice slight variations in the speed on each end and can adjust its speed accordingly.


TFTP :
Trivial File Transfer Protocol. A simplified version of File Transfer Protocol (FTP) that allows files to be transferred from one computer to another over a network, usually without the use of client authentication (for example, username and password).


Topology database :
The structured data that describes the network topology to a routing protocol. Link-state and balanced hybrid routing protocols use topology tables, from which they build the entries in the routing table.


Trunking :
Also called VLAN trunking. A method (using either Cisco’s ISL protocol or the IEEE 802.1Q protocol) to support multiple VLANs that have members on more than one switch.


Update timer :
The time interval that regulates how often a routing protocol sends its next periodic routing updates. Distance vector routing protocols send full routing updates every update interval.


Variance :
IGRP and EIGRP compute their metrics, so the metrics for different routes to the same subnet seldom have the exact same value. The variance value is multiplied with the lower metric when multiple routes to the same subnet exist. If the product is larger than the metrics for other routes, the routes are considered of “equal” metric, allowing multiple routes to be added to the routing table.


VC :
Virtual Circuit. A logical concept that represents the path that frames travel between DTEs. VCs are particularly useful when comparing Frame Relay to leased physical circuits.


VLAN :
Virtual LAN. A group of devices on one or more LANs that are configured (using management software) so that they can communicate as if they were attached to the same wire when in fact they are located on a number of different LAN segments. Because VLANs are based on logical instead of physical connections, they are extremely flexible.


VLSM :
Variable-Length Subnet Mask(ing). The capability to specify a different subnet mask for the same Class A, B, or C network number on different subnets. VLSM can help optimize available address space.


VTP :
VLAN Trunking Protocol. Cisco switches use this proprietary protocol to exchange VLAN configuration information between switches. VTP defines a Layer 2 messaging protocol that allows the switches to exchange VLAN configuration information so that the VLAN configuration stays consistent throughout a network. VTP manages the additions, deletions, and name changes of VLANs across multiple switches. It also reduces broadcast overhead through the use of VTP pruning.


Zero subnet :
When subnetting a Class A,B.or C network ,two subnet numbers are “discouraged” from use;the zero subnet is one of these two subnets.It is the subnet number for which the subnet bits all have a value of binary 0.

Sep 16, 2013

Idea of Routing Information protocol [ RIP ] ….!!


Routing Information protocol

 

RIP Configuration


Routing Information Protocol (RIP) is a true distance-vector routing protocol. It sends the complete routing table out to all active interfaces every 30 seconds. RIP only uses hop count to determine the best way to a remote network, but it has a maximum allowable hop count of 15, meaning that 16 is deemed unreachable. RIP works well in small networks, but it is inefficient on large networks with slow WAN links or on networks with a large number of routers installed. RIP version 1 uses only classful routing, which means that all devices in the network must use the same subnet mask.


RIP Timers
RIP uses three different kinds of timers to regulate its performance:

Route update timer  Sets the interval (typically 30 seconds) between periodic routing updates, in which the router sends a complete copy of its routing table out to all neighbors.

Route invalid timer  Determines the length of time that must expire (90 seconds) before a router determines that a route has become invalid. It will come to this conclusion if it hasn’t heard any updates about a particular route for that period. When that happens, the router will send out updates to all its neighbors letting them know that the route is invalid.

Route flush timer  Sets the time between a route becoming invalid and its removal from the routing table (240 seconds). Before it is removed from the table, the router notifies its neighbors of that route’s impending doom. The value of the route invalid timer must be less than that of the route flush timer. This is to provide the router with enough time to tell its neighbors about the invalid route before the routing table is updated.


Configuring RIP Routing
To configure RIP routing, just turn on the protocol with the router rip command and tell the RIP routing protocol which networks to advertise. That’s it. As an example, let’s configure our four-router internetwork with RIP routing.
Router>en
Router>enable
Router#conf
Configuring from terminal, memory, or network [terminal]?
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#host
Router(config)#hostname R1
R1(config)#interface fastEthernet 0/0
R1(config-if)#ip address 172.16.20.1 255.255.0.0
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#interface fastEthernet 0/1
R1(config-if)#ip address 172.17.20.1 255.255.0.0
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#router rip
R1(config-router)#network 172.16.20.0
R1(config-router)#network 172.17.20.0
R1(config-router)#exit
R1(config)#exit
%SYS-5-CONFIG_I: Configured from console by console
R1#wr
Building configuration…
[OK]
R1#
We have to make this kind of configuration on every router where we want to use RIP as the routing protocol (15 routers max).

 

 

Verifying the RIP Routing Tables

Each routing table should now have the router's directly connected routes as well as RIP-injected routes received from neighbor routers.
The router output below shows the contents of the 2621 A routing table.
R1#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
       * - candidate default, U - per-user static route, o - ODR
       P - periodic downloaded static route
Gateway of last resort is not set
C    172.16.0.0/16 is directly connected, FastEthernet0/0
C    172.17.0.0/16 is directly connected, FastEthernet0/1
R    172.18.0.0/16 [120/1] via 172.17.20.2, 00:00:06, FastEthernet0/1
R    172.19.0.0/16 [120/2] via 172.17.20.2, 00:00:06, FastEthernet0/1

R1#
R means that the networks were added dynamically using the RIP routing protocol. The [120/3] is the administrative distance of the route (120) along with the number of hops to that remote network (3).
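The hop-count rule described in this post can be tried out with the short simulation below. It is an added example, not the author's code, and it models only the metric exchange (no timers, split horizon or holddown). The three-router chain R1, R2, R3 is an assumed topology chosen so that R1 ends up with the two R entries shown in the routing table above.

```python
INFINITY = 16  # a RIP metric of 16 means "unreachable"

# Assumed topology (constructed): R1 -- R2 -- R3, each with the networks
# that would make R1's table match the show ip route output above.
CONNECTED = {
    "R1": {"172.16.0.0", "172.17.0.0"},
    "R2": {"172.17.0.0", "172.18.0.0"},
    "R3": {"172.18.0.0", "172.19.0.0"},
}
LINKS = [("R1", "R2"), ("R2", "R3")]


def converge(connected, links, max_rounds=20):
    """Exchange full tables between neighbors until nothing changes.

    Returns router -> {network: (hops, next_hop)}; directly connected
    networks have hops 0 and next_hop None.
    """
    tables = {r: {net: (0, None) for net in nets} for r, nets in connected.items()}
    neighbors = {r: set() for r in connected}
    for a, b in links:
        neighbors[a].add(b)
        neighbors[b].add(a)

    for _ in range(max_rounds):
        changed = False
        # Every router advertises the table it held at the start of the round.
        snapshot = {r: dict(t) for r, t in tables.items()}
        for router in tables:
            for nb in neighbors[router]:
                for net, (hops, _) in snapshot[nb].items():
                    new_hops = min(hops + 1, INFINITY)
                    current = tables[router].get(net)
                    # Routes that reach 16 hops are never installed.
                    if new_hops < INFINITY and (current is None or new_hops < current[0]):
                        tables[router][net] = (new_hops, nb)
                        changed = True
        if not changed:
            break
    return tables


if __name__ == "__main__":
    for net, (hops, via) in sorted(converge(CONNECTED, LINKS)["R1"].items()):
        print(net, "directly connected" if via is None else f"[120/{hops}] via {via}")
```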

OSI (Open Systems Interconnection) Models …….!!


The OSI model 

         OSI divides telecommunication into seven layers. The layers are in two groups. The upper four layers are used whenever a message passes from or to a user. The lower three layers (up to the network layer) are used when any message passes through the host computer. Messages intended for this computer pass to the upper layers. Messages destined for some other host are not passed up to the upper layers but are forwarded to another host.




The seven OSI layers are:

Layer 7:
Application: The application level provides services that directly support the user applications, such as user interface, e-mail, file transfer, database access, etc. There are many protocols at this layer that are commonly needed such as HTTP, WWW, FTP, TELNET, SMTP. It gives applications access to the network through the layers below. Another important function is file transfer between computers. Some computers store file names or represent text lines differently. The application layer takes care of the incompatibilities and allows a smooth transfer between the systems.
Protocols: FTP, HTTP, SMTP, DNS, TFTP, NFS, TELNET.


Layer 6:
Presentation: The presentation level is a translator between the application and network format. Unlike the lower layers, its concern is with the syntax and semantics of the information transmitted. Most user programs do not exchange random binary bit strings. They exchange data such as names, addresses, dates, etc. Different computers store the data in a different way. In order to allow these computers to transmit the data to each other, the presentation layer translates the data into a standard form to be used on the network. Another function is data compression, which can be used to reduce the number of bits needed to send the packet of information. Security is also added at this layer by using data encryption and decryption. This prevents others from intercepting the data and being able to decipher the meaning of the bits.
Protocols: ASCII, EBCDIC, MIDI, MPEG, JPEG.


Layer 5:
Session Layer: This layer allows applications on connecting systems to communicate using a session. It opens, uses, and closes this communication link. It also acts as a dialog control mechanism controlling who is able to transmit. Sessions can allow data to be sent in both directions at the same time or only one direction. The session layer determines who has the ability to transfer at the current time. Another valuable ability is to insert checkpoints during data transfers. During a large file transmission, if the system crashes, the checkpoints allow the system to start downloading at the last known checkpoint. An example of this is during either an interactive login or file transfer connection: the session would recognize names in the session and register them into a history. It could then connect and reconnect in case of a system crash at either of the systems.
Protocols: SQL, RPC


Layer 4: 
Transport Layer: The basic function of the transport layer is to accept data from the session layer, break up the data into smaller units if need be, and send these manageable data packets to the network layer. At the destination this layer is responsible for combining the packets into their original state. This layer also checks to see if the packets are in the right order when received and not in duplicated form. If there is an error in one of the packets, there is a request for that packet’s retransmission.

There are two protocols that sit at this layer:
1. TCP Protocols: TCP protocol connects the sender and the receiver using a socket which is determined by the IP address and port number. TCP keeps track of the packet delivery order and which ones need to be resent.

2. UDP Protocols: UDP is a connectionless communication and does not guarantee packet delivery between sender and receiver. Because it is connectionless, the sender sends the data into the network with an IP address of the receiver and hopes it makes it to its destination. Since there is not a way of asking the sender to retransmit because of an error, there is little error protection if any.
Protocols: TCP or UDP.


Layer 3:
Network Layer: This layer addresses packets, determines the best path or route, and manages network problems such as data congestion. There are three ways in which the packets are routed to their destinations.
(1) There could be a static route through the entire network that will never be changed.
(2) There could be a static line only used during a particular session between the sender and receiver.
(3) The packets could be dynamically sent through the network using changing paths in order to prevent bottlenecks.
The network level is also responsible for converting the network address and names to the MAC addresses of the machines. One of the most important functions of this layer is the ability to allow two different networks using conflicting addressing schemes to be able to send data to each other. The network layer allows the different protocols to “talk” to each other and understand where the packet’s destination is. Routers work at this level by sending the packets along the network.
Protocols: IP, ICMP, ARP, PING, Traceroute


Layer 2:
Data link layer: The data link layer defines the format of data on the network. All of the data sent through the network are made into a frame which is performed at this level. The frame is a uniform way of sending the data along with address information and error checking capabilities. CRC is used for the error detection at this level. If at the receiving end the CRC fails at this level there is a request back to the sender for retransmission of this packet.
Protocols: IEEE 802.2, 802.3, 802.5.


Layer 1:
Physical Layer: The physical layer is responsible for establishing, maintaining and ending physical connections (point to point) between computers. This layer is concerned with the actual interpretation of the bit stream into an electrical signal that can be carried across a physical medium. The protocols at this layer deal with the binary transmission, voltage levels, and data rates. This layer would also specify physical medium properties such as cables and network cards.
Protocols: IEEE 802.3, 802.5.

Idea of Interior Gateway Routing Protocol [ IGRP ]

Interior Gateway Routing Protocol (IGRP) is a Cisco proprietary distance-vector routing protocol. This means that all your routers must be Cisco routers to use IGRP in your network. Cisco created this routing protocol to overcome the problems associated with RIP. IGRP has a maximum hop count of 255 with a default of 100. This is helpful in larger networks and solves the problem of there being only 15 hops maximum possible in a RIP network. IGRP also uses a different metric from RIP. IGRP uses bandwidth and delay of the line by default as a metric for determining the best route to an internetwork. This is called a composite metric. Reliability, load, and Maximum Transmission Unit (MTU) can also be used, although they are not used by default.


IGRP Timers
To control performance, IGRP includes the following timers with default settings:


Update timers
These specify how frequently routing-update messages should be sent. The default is 90 seconds.


Invalid timers
These specify how long a router should wait before declaring a route invalid if it doesn’t receive a specific update about it. The default is three times the update period.


Holddown timers
These specify the holddown period. The default is three times the update timer period plus 10 seconds.


Flush timers
These indicate how much time should pass before a route should be flushed from the routing table. The default is seven times the routing update period.

 IGRP

 

  Configuring IGRP Routing

The command used to configure IGRP is the same as the one used to configure RIP routing with one important difference: you use an autonomous system (AS) number. All routers within an autonomous system must use the same AS number, or they will not exchange routing information. Here is an example of how to turn on IGRP routing:


RouterA#config t
RouterA(config)#router igrp 10
RouterA(config-router)#network 172.16.0.0
We have to make this kind of configuration on every router where we want to use RIP as the routing protocol (15 routers max).


Verifying our Configurations:
It is important to verify your configurations once you have completed them, or at least, once you think you have completed them. The following list includes the commands you can use to verify the routed and routing protocols configured on your Cisco routers. The first command is covered in the previous section; the others are covered in upcoming sections.
-show ip route
-show protocol
-show ip protocol
-debug ip rip
-debug  ip igrp events
-debug ip igrp transactions

Idea of “The IEEE standardized protocol”-Part-10

IEEE standardized



Spanning Tree Protocol :
A bridge protocol that uses the Spanning Tree algorithm, allowing a learning bridge to dynamically work around loops in a network topology by creating a spanning tree. Bridges exchange bridge protocol data unit (BPDU) messages with other bridges to detect loops and then remove the loops by shutting down selected bridge interfaces. Refers to both the IEEE 802.1d Spanning Tree Protocol standard and the earlier Digital Equipment Corporation Spanning Tree Protocol upon which it is based. The IEEE version supports bridge domains and allows the bridge to construct a loop-free topology across an extended LAN. The IEEE version generally is preferred over the Digital version.

Split horizon :
A routing technique in which information about routes is prevented from exiting the router interface through which that information was received. Split-horizon updates are useful in preventing routing loops.

Subinterface :
One of the virtual interfaces on a single physical interface.

Subnet :
Subnets are subdivisions of a Class A, B, or C network, as configured by a network administrator. Subnets allow a single Class A, B, or C network to be used and still allow for a large number of groups of IP addresses, as is required for efficient IP routing.

Subnet broadcast address :
The same as a broadcast address.

Subnet mask :
A 32-bit address mask used to indicate the bits of an IP address that are being used for the subnet part of the address. Sometimes simply called a mask.

Successor :
In EIGRP, a neighboring router that could possibly be an alternative next-hop router to reach a particular subnet. Successors might or might not be feasible successors.

SVC :
Switch Virtual Circuit. A VC that is set up dynamically when needed. An SVC can be equated to a dial connection in concept.

Concept of Dynamic Routing !!!!


Dynamic Routing

Dynamic Routing-01

Dynamic routing is the process of using protocols to find and update routing tables on routers. This is easier than static or default routing, but you use it at the expense of router CPU processes and bandwidth on the network links. A routing protocol defines the set of rules used by a router when it communicates between neighbor routers.
-RIP
-IGRP
-EIGRP
-EEIGRP
-OSPF


Administrative Distances
When configuring routing protocols, you need to be aware of administrative distances (ADs). These are used to rate the trustworthiness of routing information received on a router from a neighbor router. An administrative distance is an integer from 0 to 255, where 0 is the most trusted and 255 means no traffic will be passed via this route.

Default Administrative Distances

Route Source           Default Distance
Connected interface    0
Static route           1
EIGRP                  90
IGRP                   100
OSPF                   110
RIP                    120
External EIGRP         170
Unknown                255 (this route will never be used)


Routing Protocols
There are three classes of routing protocols:


Distance vector : The distance-vector routing protocols use a distance to a remote network to find the best path. Each time a packet goes through a router, it’s called a hop. The route with the least number of hops to the network is determined to be the best route. The vector is the determination of direction to the remote network. Examples of distance-vector routing protocols are RIP and IGRP.

Link state : Typically called shortest path first, the routers each create three separate tables. One of these tables keeps track of directly attached neighbors, one determines the topology of the entire internetwork, and one is used for the routing table. Link-state routers know more about the internetwork than any distance-vector routing protocol. An example of an IP routing protocol that is completely link state is OSPF.

Hybrid : Uses aspects of distance vector and link state, for example, EIGRP.
There is no set way of configuring routing protocols for use with every business. This is a task that is performed on a case-by-case basis. However, if you understand how the different routing protocols work, you can make good business decisions. This course and equivalent exam only cover distance-vector routing protocols and theory.

Idea of “The IEEE standardized protocol”-Part-9




IEEE standardized


Protocol type:
A field in the IP header that identifies the type of header that follows the IP header, typically a Layer 4 header, such as TCP or UDP. ACLs can examine the protocol type to match packets with a particular value in this header field.

PVC :
Permanent Virtual Circuit. A predefined VC. A PVC can be equated to a leased line in concept.

Q.921 :
An ITU-T specification for the ISDN User-Network Interface (UNI) data link layer.

Q.931 :
An ITU-T specification for signaling to establish, maintain, and clear ISDN network connections.

Reference point :
An ISDN term that refers to the various interfaces between ISDN devices that implement different ISDN function groups.

RIP :
Routing Information Protocol. An Interior Gateway Protocol (IGP) supplied with UNIX Berkeley Standard Distribution (BSD) systems. RIP is the most common IGP in the Internet. It uses hop count as a routing metric.

Root bridge :
A bridge that exchanges topology information with designated bridges in a spanning-tree implementation to notify all other bridges in the network when topology changes are required.

Route summarization :
A consolidation of advertised addresses which causes a single summary route to be advertised.

RSTP :
Rapid Spanning Tree Protocol, defined in IEEE 802.1w, defines an improved version of STP that converges much more quickly and consistently than STP (802.1d).

SLSM :
Static-length subnet mask. The usage of the same subnet mask for all subnets of a single Class A, B, or C network.

Idea of “The IEEE standardized protocol”-Part-8

IEEE standardized
Packet switching :
Service in which each DTE device connects to a telco using a single physical line, with the possibility of being able to forward traffic to all other sites. The telco switch makes the forwarding decision based on an address in the packet header.

PAP :
Password Authentication Protocol. An authentication protocol that allows PPP peers to authenticate one another. Unlike Challenge Handshake Authentication Protocol (CHAP), PAP passes the password and the host name or username in the clear (unencrypted). PAP is supported only on PPP lines.

Permit :
An action taken with an ACL that implies that the packet is allowed to proceed through the router and be forwarded.

Poison reverse :
A routing update that explicitly indicates that a network or subnet is unreachable, rather than implying that a network is unreachable by not including it in updates. Poison reverse updates are sent to defeat large routing loops.

Port :
A TCP/IP transport layer header field found in TCP and UDP headers. Ports are numbers, and each numbered port is associated with a specific process. For example, SMTP is associated with port 25.

PPP :
Point-to-Point Protocol. A data-link protocol that provides router-to-router and host-to-network connections over synchronous circuits. PPP was designed to work with several network layer protocols, such as IP, IPX, and AppleTalk Remote Access (ARA).

PRI :
Primary Rate Interface. An ISDN interface to primary rate access consists of a single 64-kbps D channel plus 23 (T1) or 30 (E1) B channels for voice or data.

Private addresses :
IP addresses in several Class A, B, and C networks that are set aside for use inside private organizations. These addresses, as defined in RFC 1918, are not routable through the internet.

Idea of “The IEEE standardized protocol”-Part-6

IEEE
LMI :  Local Management Interface. The protocol used between a Frame Relay DCE and DTE to manage the connection. Signaling messages and keepalives are all LMI messages.

LSA :  Link-State Advertisement. A packet used by link-state protocols that contains information about neighbors and path costs. LSAs are used by the receiving routers to maintain their routing tables.

Mask :  See subnet mask.

Max Age timer :  An STP timer that defines how long a bridge or switch should wait after the last received hello message before believing that the network topology has changed, and it can no longer hear the hello messages sent by the root bridge or switch.

Metric :  A unit of measure used by routing protocol algorithms to determine the best pathway for traffic to use to reach a particular destination.

MLP :  Multilink Point-to-Point Protocol. A method of splitting, recombining, and sequencing datagrams across multiple point-to-point WAN links.

MTU :  Maximum Transmission Unit. The maximum packet size, in bytes, that a particular interface can handle.

NAT :  Network Address Translation. A mechanism for reducing the need for globally unique IP addresses. NAT allows an organization with addresses that are not globally unique to connect to the internet by translating those addresses into globally routable address space.

NBMA :  Non Broadcast Multi Access. A network in which broadcasts are not supported, but more than two devices can be connected.

neighbor :  A router that has an interface to a common network.

OSPF :  Open Shortest Path First. A link-state, hierarchical Interior Gateway Protocol (IGP) routing algorithm proposed as a successor to Routing Information Protocol (RIP) in the Internet community. OSPF features include least-cost routing, multipath routing, and load balancing. OSPF was derived from an early version of the Intermediate System-to-Intermediate System (IS-IS) protocol.

Ideas of Variable Length Subnet Mask (VLSM) ………


VLSM: 

Variable Length Subnet Mask is a technique that network administrators employ in order to use their IP subnet(s) in a more effective manner. By using VLSM, a long mask can be used on a network that has a few hosts and a short net mask on subnets that have a large number of hosts. To use VLSM, however, a routing protocol that supports it has to be used. Cisco routers support the concept with the following protocols: Integrated IS-IS (Integrated Intermediate System to Intermediate System), EIGRP (Enhanced Interior Gateway Routing Protocol), RIP v2, Open Shortest Path First (OSPF), and static routing. VLSM also allows more than one subnet mask within the same network address space, which is also referred to as “subnetting a subnet.”
How VLSM works: 
Historically, routing protocols required that a single network use the same subnet mask. VLSM allows networks to have different subnet masks if the routing protocol on the network on which it is employed supports it. VLSM also breaks convention in that it uses the first and last subnets, which were traditionally reserved to alleviate the confusion caused when the network and subnet had the same address. When this is done, VLSM supports eight usable subnets that can each support 30 hosts.
Where is VLSM used: 
VLSM is often used in a college campus environment. If the network administrator has a Class B block of addresses to use on several campuses, he/she normally uses variable length subnets. The subnets may then be further divided by building and workgroup on the campuses, which would require different numbers of addresses. If fixed subnet masks were used to allocate the same number of IP addresses to the locations, a number of addresses would be wasted. If VLSM is employed, then there is less waste in the allocated address space across all of the campus locations, giving more room for network growth.

Creating Site To Site VPN (Virtual Private Network)

CREATING SITE TO SITE VPN
Suppose you have two routers situated in different places, for example one in Chittagong and the other in Dhaka, each connected separately through a different public network. You want them to communicate and transfer data securely, as if they were connected directly through a serial cable. For this purpose we need to create a site-to-site virtual private network (VPN). Below I give an example of that with its configuration.
Router 0:
Router#config t
Router(config)#hostname R0
R0(config)#int f0/1
R0(config-if)#ip address 192.168.1.1 255.255.255.0
R0(config-if)#no shut
R0(config-if)#exit
R0(config)#int s0/0/0
R0(config-if)#ip address 10.1.1.1 255.255.255.0
R0(config-if)#no shut
R0(config-if)#clock rate 64000
R0(config-if)#exit
R0(config)#crypto isakmp policy 10
R0(config-isakmp)#encryption aes 256
R0(config-isakmp)#authentication pre-share
R0(config-isakmp)#group 5
R0(config-isakmp)#lifetime 3600
R0(config-isakmp)#exit
R0(config)#crypto isakmp key cisco123 address  10.2.2.1
R0(config)#crypto ipsec security-association lifetime seconds 1800
R0(config)#crypto ipsec transform-set 50 esp-sha-hmac
R0(config)#crypto map CMAP 10 ipsec-isakmp
R0(config-crypto-map)#set peer 10.2.2.1
R0(config-crypto-map)#set security-association lifetime seconds 900
R0(config-crypto-map)#set transform-set 50
R0(config-crypto-map)#set pfs group5
R0(config-crypto-map)#match address 101
R0(config-crypto-map)#exit
R0(config)#int s0/0/0
R0(config-if)#crypto map CMAP
R0(config-if)#exit
R0(config)#access-list 101 permit ip 192.168.1.0 0.0.0.255 192.168.3.0 0.0.0.255
R0(config)#ip route 0.0.0.0 0.0.0.0 10.1.1.2
ROUTER1:
Router#config t
Router(config)#hostname R1
R1(config)#int s0/0/1
R1(config-if)#ip address 10.1.1.2 255.255.255.0
R1(config-if)#no sh
R1(config-if)#ex
R1(config)#in s0/0/0
R1(config-if)#ip address 10.2.2.2 255.255.255.0
R1(config-if)#no sh
ROUTER2:
Router#conf t
Router(config)#hostname R2
R2(config)#int f0/0
R2(config-if)#ip address 192.168.3.1 255.255.255.0
R2(config-if)#no shut
R2(config-if)#exit
R2(config)#int s0/0/1
R2(config-if)#ip address 10.2.2.1 255.255.255.0
R2(config-if)#no shut
R2(config-if)#clock rate 64000
R2(config-if)#exit
R2(config)#crypto isakmp policy 10
R2(config-isakmp)#encryption aes 256
R2(config-isakmp)#authentication pre-share
R2(config-isakmp)#group 5
R2(config-isakmp)#lifetime 3600
R2(config-isakmp)#exit
R2(config)#crypto isakmp key cisco123 address  10.1.1.1
R2(config)#crypto ipsec security-association lifetime seconds 1800
R2(config)#crypto ipsec transform-set 50 esp-sha-hmac
R2(config)#crypto map CMAP 10 ipsec-isakmp
R2(config-crypto-map)#set peer 10.1.1.1
R2(config-crypto-map)#set security-association lifetime seconds 900
R2(config-crypto-map)#set transform-set 50
R2(config-crypto-map)#set pfs group5
R2(config-crypto-map)#match address 101
R2(config-crypto-map)#exit
R2(config)#int s0/0/1
R2(config-if)#crypto map CMAP
R2(config-if)#exit
R2(config)#access-list 101 permit ip 192.168.3.0 0.0.0.255 192.168.1.0 0.0.0.255
R2(config)#ip route 0.0.0.0 0.0.0.0 10.2.2.2
END OF CONFIGURATION
POINT TO BE NOTED:
•    Use spaces exactly as shown
•    Don’t worry about the routing path of router 1
FOR MORE INFO WATCH THE VIDEO. LINK IS BELOW
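The script below is an added example, not part of the original walkthrough: it checks that the two tunnel endpoints mirror each other (peers, pre-shared key, ISAKMP policy, crypto ACL) and flags weak settings. The config excerpts are constructed from the values used above; the 16-character minimum key length is an assumption of this example. Run against those values it reports that transform-set 50, which lists only esp-sha-hmac, authenticates packets but contains no ESP encryption transform.

```python
# Constructed running-config excerpts using the addresses, key and names from
# the walkthrough above (example input, not output captured from a device).
R0_CFG = """\
crypto isakmp policy 10
 encryption aes 256
 authentication pre-share
 group 5
crypto isakmp key cisco123 address 10.2.2.1
crypto ipsec transform-set 50 esp-sha-hmac
crypto map CMAP 10 ipsec-isakmp
 set peer 10.2.2.1
 set transform-set 50
 match address 101
interface Serial0/0/0
 ip address 10.1.1.1 255.255.255.0
 crypto map CMAP
access-list 101 permit ip 192.168.1.0 0.0.0.255 192.168.3.0 0.0.0.255
"""
R2_CFG = """\
crypto isakmp policy 10
 encryption aes 256
 authentication pre-share
 group 5
crypto isakmp key cisco123 address 10.1.1.1
crypto ipsec transform-set 50 esp-sha-hmac
crypto map CMAP 10 ipsec-isakmp
 set peer 10.1.1.1
 set transform-set 50
 match address 101
interface Serial0/0/1
 ip address 10.2.2.1 255.255.255.0
 crypto map CMAP
access-list 101 permit ip 192.168.3.0 0.0.0.255 192.168.1.0 0.0.0.255
"""

ENCRYPTION = ("esp-aes", "esp-3des", "esp-des")  # ESP transforms that encrypt
WEAK_DH = {"1", "2", "5"}                        # 768-, 1024- and 1536-bit groups
MIN_PSK_LEN = 16                                 # assumed policy threshold


def parse(cfg):
    """Pull the tunnel-related settings out of one router's config text."""
    out = {"policy": {}, "transforms": {}, "keys": {}, "peer": None,
           "ts": None, "local_ip": None, "acl": None}
    iface_ip = None
    for line in cfg.splitlines():
        w = line.split()
        if not w:
            continue
        if w[:3] == ["crypto", "isakmp", "key"]:
            out["keys"][w[5]] = w[3]               # peer address -> key
        elif w[:3] == ["crypto", "ipsec", "transform-set"]:
            out["transforms"][w[3]] = w[4:]
        elif w[0] in ("encryption", "authentication", "group"):
            out["policy"][w[0]] = " ".join(w[1:])
        elif w[:2] == ["set", "peer"]:
            out["peer"] = w[2]
        elif w[:2] == ["set", "transform-set"]:
            out["ts"] = w[2]
        elif w[:2] == ["ip", "address"]:
            iface_ip = w[2]
        elif w[:2] == ["crypto", "map"] and line.startswith(" "):
            out["local_ip"] = iface_ip             # interface the map is applied to
        elif w[0] == "access-list":
            out["acl"] = tuple(w[4:8])             # src, wildcard, dst, wildcard
    return out


def audit_pair(cfg_a, cfg_b):
    """Return a list of findings for the two endpoints of one tunnel."""
    a, b = parse(cfg_a), parse(cfg_b)
    findings = []
    for name, side in (("A", a), ("B", b)):
        transforms = side["transforms"].get(side["ts"], [])
        if not any(t in ENCRYPTION for t in transforms):
            findings.append(f"{name}: transform-set {side['ts']} has no ESP encryption transform")
        if side["policy"].get("group") in WEAK_DH:
            findings.append(f"{name}: DH group {side['policy']['group']} is below 2048 bits")
        if len(side["keys"].get(side["peer"], "")) < MIN_PSK_LEN:
            findings.append(f"{name}: pre-shared key for {side['peer']} is missing or short")
    if a["peer"] != b["local_ip"] or b["peer"] != a["local_ip"]:
        findings.append("peers do not point at each other's crypto-map interface")
    if a["keys"].get(a["peer"]) != b["keys"].get(b["peer"]):
        findings.append("pre-shared keys differ")
    if a["policy"] != b["policy"]:
        findings.append("ISAKMP policies differ")
    if a["acl"] != b["acl"][2:] + b["acl"][:2]:
        findings.append("crypto ACLs are not mirror images")
    return findings


if __name__ == "__main__":
    for finding in audit_pair(R0_CFG, R2_CFG):
        print(finding)
```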

Idea of “The IEEE standardized protocol”-Part-5

hello timer:  An STP timer that dictates how often the root bridge or switch sends STP hello messages. It also dictates how often nonroot bridges and switches should expect to hear these hello messages. This term may also refer to the Hello timer used by OSPF, which defines how often a router sends OSPF Hello messages.
Hello:  A protocol used by OSPF systems to establish and maintain neighbor relationships. Can also refer to the STP Hello BPDU message generated by the root bridge in a Spanning Tree.
holddown:  A state into which a route is placed so that routers neither advertise the route nor accept advertisements about it for a specific length of time (the hold-down period). Holddown is used to flush bad information about a route from all routers in the network. A route typically is placed in holddown when a link in that route fails.
IGRP:  Interior Gateway Routing Protocol. An Interior Gateway Protocol (IGP) developed by Cisco to address the issues associated with routing in large, heterogeneous networks.
ISDN:  Integrated Services Digital Network. A communication protocol offered by telephone companies that permits telephone networks to carry data, voice, and other source traffic.
ISL:  Inter-Switch Link. A Cisco-proprietary protocol that maintains VLAN information as traffic flows between switches and routers.
LAPF:  Link Access Procedure Frame Bearer Services. Defines the basic Frame Relay header and trailer. The header includes DLCI, FECN, BECN, and DE bits.
learn:  Transparent bridges and switches learn MAC addresses by examining the source MAC addresses of frames they receive. They add each new MAC address, along with the port number of the port on which it learned of the MAC address, to an address table.
leased line:  A transmission line reserved by a communications carrier for a customer’s private use. A leased line is a type of dedicated line.
link-state:  A type of routing protocol which sends full topology information about the network to all routers, so they all have a consistent view of the network topology and status. Link-state algorithms create a consistent view of the network and therefore are not prone to routing loops. However, they achieve this at the cost of relatively greater computational difficulty and more-widespread traffic (compared with distance vector routing algorithms).