We are always adding to, and updating the technical “how to’s” contained here.Â
When it comes to configuring a new Cisco router, much of the configuration depends on what type of router it is as well as the purpose it will serve. However, there are certain things you should configure on every new Cisco router. Hasn’t there been a command that you wished Cisco would make standard on every router? Every administrator has his or her own list of commands they use to configure a router “just right.”Â
Here’s a list of 10 commands that I think you should configure on every router (in no particular order).
Â
Configure a login account on the router, and use it on lines
Â
Here’s an example:
Router(config)# line con 0
Router(config-line)# login local
Router(config)# line aux 0
Router(config-line)# login local
Router(config)# line vty 0 4
Router(config-line)# login localÂ
Set a hostname on your router
In addition, you can configure a domain name on the router so it knows which DNS domain it’s in. Here’s an example:
cell_pe01(config)# ip domain name cellstream.comÂ
Encrypt router passwords
Set a password to enter Privileged Mode
This command encrypts the password with strong MD5 encryption so the prompt won’t display it in clear text. Here’s an example:
Router(config)# enable secret My$PasswordÂ
Disable the Web server
Router(config)# no ip http serverÂ
Configure command aliases
Router(config)# alias exec s sh run
Configure DNS, or disable DNS lookup
If you haven’t configured DNS on the router, the command prompt will hang until the DNS lookup fails. For that reason, I recommend one of two approaches.
One option is to disable DNS. Here’s how:
Router(config)# no ip domain-lookup
Router(config)# ip name-server 1.1.1.1Â
Set the router’s clock, or configure an NTP server
Router(config)# clock timezone CST -6
Router(config)# clock summer-time CDT recurring
Router# clock set 10:54:00 Oct 5 2005
Router(config)# ntp server 132.163.4.101Â
Stop logging messages from interrupting your configuration
If you’re on the console, you can either disable console logging with the global configuration no logging console command. Or, you can synchronize the logging messages with your command prompt.
So, on every line, I use the logging synchronous command. Here’s an example:
Router(config)# line con 0
Router(config-line)# logging synchronous
Router(config)# line aux 0
Router(config-line)# logging synchronous
Router(config)# line vty 0 4
Router(config-line)# logging synchronous
In addition, you can change the exec-timeout on these interfaces while you’re at it. For example, let’s say you want to disable the default 10-minute timeout on the VTY lines. To do so, use the exec-timeout 0 0 command when in Line Configuration Mode. This keeps the router from disconnecting after 10 minutes of inactivity.
Log system messages to the router’s buffer or a syslog server
Capturing errors and events on a router and monitoring the console can be critical to problem-solving. By default, the router doesn’t send buffered logging of its events to the router’s memory.
However, you can configure the router to send buffered logging of its events to the memory. Here’s an example:
Router(config)# logging buffered 16384
You could also send the router’s events to a syslog server. Since it’s external to the router, there’s an added benefit: It preserves events even if the router loses power.Â