Day 9: Configuration, IOS and Security

Sometimes you'll use static and default routes.
Any packet for which a router doesn't know the destination will be dropped or forwarded to the default route. This can be done like this:
ip route 0.0.0.0 0.0.0.0 {outgoing-interface | next-hop-address}

If you look in the routing table you'll see static routes identified with prefix S. This is how we manually configure static routes:
ip route 192.168.2.0 255.255.255.0 192.168.1.2

These can all be reviewed with show running-config, and show ip route.

Reviewing IOS configuration files management is also needed for the ICND1 exam. You can either copy/paste the show runs but preferably you have a trivial file transfer protocol (TFTP) server on your network.

• copy running-config tftp: you'll have to enter the ip/hostname of the server and destination filename (router-config).
• copy tftp running-config: restoring the file.

The show version command allows to check the name of the IOS image. We can use copy flash tftp to copy the IOS image from flash memory to a TFTP server. To restore it back we can use copy tftp flash.

It's very important to secure the telecommunications room or wiring closets in your facility. The main distribution facility (MDF) and intermediate distribution facilities (IDF) are the backbone of the network and should be protected. Access to these areas should be restricted. Besides this we also have to protect configuration privileges by adding password security. Don't forget that passwords are encrypted if the command service password encryption is entered.