南宁市教育城域网工程
路器根配置培训
神州数码网络
2007年3月
实验:登陆路器
实验目
1 学通CONSOLE接口配置路器
2 学通telnet 方式配置路器
3 学配置路器接口
4 学配置路器enable密码telnet 户名密码
5 保存配置
二应环境
1 设备初始设备般通CONSOLE接口进行
2 相应接口配置IP址开启相应效劳通telnet方式理路器
三实验设备
1 DCR2626台
2 PC机台
3 CONSOLE线缆条网线条
四实验拓扑
CONSOLE 口
TP0
网卡
网线
RS232
串口
五实验求
六实验步骤
1CONSOLE理
第步:配置线端路器CONSOLE口相连端PC机
串口相连图示
第二步:PC机运行终端仿真程序时设置终端硬件参数
(1)翻开超级终端
〔2〕设置连接名称
〔3〕选择连接接口般情况COM1
〔4〕点击复原默认值〞设置端口属性点击确定〞进入超级终端
第三步:路器加电超级终端会显示路器检信息检结束出现命
令提示Press RETURN to get started〞
System Bootstrap Version
Copyright 2006 by Digital China Networks(BeiJing) Limited
DCR2626 Series 2626
Loading DCR26V133Cbin
Start Decompress DCR26V133Cbin
############################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################
Decompress 4850012 bytePlease wait system up
Digitalchina Internetwork Operating System Software
DCR2626 Series Software Version 133C RELEASE SOFTWARE
System start up OK
Router console 0 is now available
Press RETURN to get started
Jan 1 000007 Router System started
Jan 1 000016 Line on Interface Serial01 changed to down
Jan 1 000016 Line on Interface Serial02 changed to down
第四步:回车键进入户配置模式DCR2626路器出厂时没设置密
码输入enable 回车键进入特权模式需帮助时键入?〞查命令
Welcome to DCR MultiProtocol 2626 Series
Router>ena 进入特权模式
Router#Jan 1 000919 Unknown user enter privilege mode from console 0 level 15
Router# 查命令
cd Change directory
chinese Help message in Chinese
chmem Change memory of system
chram Change memory
clear Clear something
config Enter configurative mode
connect Open a outgoing connection
copy Copy configuration or image data
debug Debugging functions
delete Delete a file
dir List files in flash memory
disconnect Disconnect an existing outgoing network connection
download Download with ZMODEM
enable Turn on privileged commands
english Help message in English
enter Turn on privileged commands
execscript Execute a script on a port or line
exit Exit quit
format Format file system
help Description of the interactive help system
history Look up history
keepalive Keepalive probe
look Display memory
md Create directory
more Display the contents of a file
no Negate configuration
pad Login to remote node using X29
ping Test network status
pwd Display current directory
rd Delete a directory
reboot Restart router
rename Rename a file
resume Resume an active outgoing network connection
rlogin Open a rlogin connection
show Show configuration and status
telnet Open a telnet connection
terminal Set terminal line parameters
traceroute Trace route to destination
upload Upload with ZMODEM
where Display all outgoing telnet connection
write Save current configuration
Router#
Router#Chinese 设置中文帮助
Router# 次查命令
cd 改变前目录
chinese 中文帮助信息
chmem 修改系统存数
chram 修改存数
clear
config 进入配置态
connect 翻开外连接
copy 拷贝配置方案存映
debug 分析功
delete 删文件
dir 显示闪存中文件
disconnect 断开活泼网络连接
download 通ZMODEM协议载文件
enable 进入特权方式
english 英文帮助信息
enter 进入特权方式
execscript 指定端口运行指定脚
exit 退回退出
format 格式化文件系统
help 交互式帮助系统描述
history 查历史
keepalive 保活探测
look 显示存数
md 创立目录
more 显示某文件容
no 取消配置
pad 通X29注册远程节点
ping 测试网络状态
pwd 显示前目录
rd 删目录
reboot 重启动路器
rename 改变文件名
resume 恢复活泼网络连接
rlogin 远程登录
show 显示配置状态
telnet 翻开telnet连接
terminal 设置终端参数
traceroute 踪目路
upload 通ZMODEM协议载文件
where 显示外telnet连接
write 保存前配置
Router#
2通telnet方式理路器
第步:设置路器太网接口址验证
Router#sh run
正收集配置
前配置
version 133C
service timestamps log date
service timestamps debug date
no service passwordencryption
interface FastEthernet00 查TP0接口信息
no ip address
no ip directedbroadcast
interface FastEthernet03
More Jan 1 001641 Configured from console 0 by UNKNOWN
no ip address
no ip directedbroadcast
interface Serial01
no ip address
no ip directedbroadcast
interface Serial02
no ip address
no ip directedbroadcast
interface Async00
no ip address
no ip directedbroadcast
ip setwancount 1
Router#config 进入全局配置模式
Router_config#interface fastEthernet 00 进入接口模式
设置IP址
Router_config_f00#no shutdown
Router_config_f00#exit
Router_config#exit
Router#sh interface f00 验证
FastEthernet00 is up line protocol is up 接口协议必须UP
address is 00e00f9c1e19
MTU 1500 bytes BW 100000 kbit DLY 10 usec
Encapsulation ARPA loopback not set
Keepalive not set
ARP type ARPA ARP timeout 000300
60 second input rate 0 bitssec 0 packetssec
60 second output rate 0 bitssec 0 packetssec
Fullduplex 100Mbs 100BaseTX 11 ii 1 oi
13 packets input 1500 bytes 200 rx_freebuf
Received 0 unicasts 0 lowmark 11 ri 0 input errors
0 overrun 0 CRC 0 framing 0 busy 0 long 0 discard 0 throttles
1 packets output 46 bytes 50 tx_freebd 0 output errors
0 underrun 0 collisions 0 late collisions 0 deferred 0 reTx expired
0 resets 0 lost carrier 0 no carrier 0 grace stop 0 bus error
0 output buffer failures 0 output buffers swapped out 0 tx errors
第二步:设置PC机IP址测试连通性
第三步:配置telnet户名密码enable密码
Router_config#aaa authentication login default local
Router_config#aaa authentication enable default enable
Router_config#username admin password 0 admin
Router_config#enable password 0 admin
第四步:PC机telnet路器
〔1〕运行 telnet 19216821出现结果:
七保存配置
Router_config#write
正保存前配置
OK
Router_config#
八考前须知
1 超级终端中配置路器操作时PC机输入输出设备
2 telnet理时先测试连通性
实验二:NAT 址转换配置
实验目
1 掌握址转换配置
2 掌握私址访问internet配置方法
二应环境
1 学校部私址机需访问internet
三实验设备
1 DCR2626台
2 PC机二台
3 CONSOLE线缆条网线二条
四实验拓扑
PC2
PC1
TP0
TP3
网线
网卡
五实验求
PC1模拟学校部机PC2模拟外网网络设备
配置效果:PC1PING通PC2
六实验步骤
1配置网接口TP0
Router_config#interface fastEthernet 00 进入连接部局域网接口-网口
定义网口IP址
Router_config_f00#ip nat inside 定义端口网口
Router_config_f00#exit
2配置外网接口TP3
Router_config#interface fastEthernet 03 进入连接外部网络接口-外网口
定义外网口IP址
Router_config_f03#ip nat outside 定义端口外网口
Router_config_f03#exit
3配置NAT访问控制列表
Router_config#ip accesslist extended test
创立判断否符合NAT处理控制列表
Router_config_ext_nacl#permit ip 19216820 2552552550 any
允许1921682024网段访问出
Router_config_ext_nacl#exit
4配置址翻译
Router_config#ip nat inside source list test interface fastEthernet 03
定义符合test数流源址访问外网时翻译成外网口f03IP址
5配置静态路
设置条默认路允许部网段访问出
七保存配置
Router_config#write
正保存前配置
OK
Router_config#
八测试
Pinging 222159802 with 32 bytes of data
Reply from 222159802 bytes32 time<1ms TTL255
Reply from 222159802 bytes32 time<1ms TTL255
Reply from 222159802 bytes32 time<1ms TTL255
Reply from 222159802 bytes32 time<1ms TTL255
Ping statistics for 222159802
Packets Sent 4 Received 4 Lost 0 (0 loss)
Approximate round trip times in milliseconds
Minimum 0ms Maximum 0ms Average 0ms
C\Documents and Settings\huangwei>
实验三:路器常配置
实验目
1 掌握路器常配置命令提高日常维护力
三实验设备
1 DCR2626台
2 PC机台
3 CONSOLE线缆条网线二条
四实验拓扑
PC2
PC1
TP0
TP3
网线
网卡
六实验步骤
1删telnet户密码
删telnet 户密码三种方式:
(1) Router_config#no username 123 (原户名) 回车删原户名密码
(2) Router_config#no aaa authentication login default
〔3〕假设法通Console监控路器通Console进入监控模式通more
startupconfig查找明文方式配置密码假设非明文保存效配置删startupconfig文件重新配置
测试:行设置telnet户密码通三种方法删户密码否效果
2enable密码删
重启路器住ctrl+break 键通Console进入监控模式
Welcome to DCR MultiProtocol 2626 Series Router
monitor#
boot reboot router
cd change directory
chinese help message in Chinese
chram change memory
copy Copy file into the router
date set system date
delete delete a file
dir list files in flash memory
download download with ZMODEM
english help message in English
exit exit quit
format format file system
ip IP configuration commands
md create directory
more Display the contents of a file
nopasswd remove enable password
ping Test network status
pwd display current directory
quit exit quit
rd delete a directory
reboot restart router
rename rename a file
show show configuration and status
upload upload with ZMODEM
monitor#delete startupconfig
monitor#reboot
Do you want to reboot the router(yn)y
通Console进入监控模式通more startupconfig查找明文方式配置密码假设非明文保存效配置删startupconfig文件重新配置
测试:行设置enable户密码通方法删密码否效果
3配置访问控制表控制网络病毒
(1) 设置条扩展访问控制列表
Router_config#ip accesslist extended attackport
〔2〕配置默认动作
Router_config_ext_nacl# deny tcp any any eq 1433
Router_config_ext_nacl# deny udp any any eq 1433
Router_config_ext_nacl# deny tcp any any eq 1434
Router_config_ext_nacl# deny udp any any eq 1434
Router_config_ext_nacl# deny tcp any any eq 139
Router_config_ext_nacl# deny udp any any eq 139
Router_config_ext_nacl# deny tcp any any eq 135
Router_config_ext_nacl# deny udp any any eq 135
Router_config_ext_nacl# deny tcp any any eq 136
Router_config_ext_nacl# deny udp any any eq 136
Router_config_ext_nacl# deny tcp any any eq 137
Router_config_ext_nacl# deny udp any any eq 137
Router_config_ext_nacl# deny tcp any any eq 138
Router_config_ext_nacl# deny udp any any eq 138
Router_config_ext_nacl# deny tcp any any eq 445
Router_config_ext_nacl# deny udp any any eq 445
Router_config_ext_nacl# deny tcp any any eq 4444
Router_config_ext_nacl# deny tcp any any eq 5000
Router_config_ext_nacl# deny udp any any eq 5000
Router_config_ext_nacl# permit ip any any
〔3〕accessllist 绑定特定端口特定方
Router_config#interface f00
Router_config_f00#ip accessgroup attackport in
Router_config_f00#interface f03
Router_config_f03#ip accessgroup attackport in
Router_config_f03#exit
4撤销命令
撤销某已键入命令者恢复某种默认值通常进入命令命令模式直接原命令前加关键字no
:太接口Fastethernet00配置全部恢复默认值全局模式做配置:
Router_config#no interface fastethernet 00
5恢复出厂设置
命令模式:特权模式者监控模式
命令:delete
例:Router#delete
this file will be erasedare you sure(yn)y
no such file
Router#reboot
Do you want to reboot the router(yn)y
确认重新启动路器恢复出厂设置
6查版信息
命令模式:特权模式全局配置模式接口模式路模式
命令:show Version
例:Router#show version
Digitalchina Internetwork Operating System Software
2626 Series Software Version 133C (MIDDLE) RELEASE SOFTWARE
Copyright 2006 by Digital China Networks(BeiJing) Limited
Compiled 20061101 173315 by system Image textbase 0x6004
ROM System Bootstrap Version
System image file is DCR26V133Cbin
DCR2626 (PowerPC) Processor
65536K bytes of memory8192K bytes of flash
Router uptime is 0002937 The current time 20020101 002937
Slot 0 SCC Slot
Port 0 10100Mbps fullduplex Ethernet
Port 1 2M fullduplex Serial
Port 2 2M fullduplex Serial
Port 3 10100Mbps fullduplex Ethernet
Router#
文档香网(httpswwwxiangdangnet)户传
《香当网》用户分享的内容,不代表《香当网》观点或立场,请自行判断内容的真实性和可靠性!
该内容是文档的文本内容,更好的格式请下载文档