Saturday, March 2, 2013

Using a Cisco 2600 Router at Home

Hello everyone. I thought I would share my latest success with the world which was to set up my Cisco 2621 router running iOS 12.3(22) as my primary home router. Yes, I know the 2600 routers are older (most are end-of-life and end-of-support = obsolete) but they still work great, even for home-based networks.


I was able to set up my Cisco 2621 without experiencing any issues. I am not going to go into great detail in this article about all of the different IOS commands and what they mean. At the very least this article should give you a starting point for setting up a 2600 router in your home with NAT configured and some basic security. Also, I provided a port forwarding example.

I am performing these tasks on a Windows 8 desktop computer with a Cisco rollover cable connected to the console port on the back of the router and the serial port on the back of my desktop PC. I like to use PuTTY as the console and telnet client.

First things first, completely reset the router configurations back to the factory default settings. After that you can set it up.

Step 1: Set Hostname, standard device security, and telnet security.

I will define this router's hostname as "JD-2600" and save the configuration.

Router>enable
Router#configure terminal
Router(config)#
hostname JD-2600
JD-2600(config)#exit
JD-2600#write mem
JD-2600#exit
JD-2600>


Next, password for privileged EXEC mode (a.k.a. ENABLE mode) and terminal\console access, then enable the password encryption service to 'hide' the actual passwords in running-config and startup-config.

JD-2600>enable
JD-2600#configure terminal
JD-2600(config)#
enable secret DEFINE_YOUR_PASSWORD_HERE
JD-2600(config)#
service password-encryption
JD-2600(config)#line vty 0 4
JD-2600(config-line)#password DEFINE_YOUR_PASSWORD_HERE
JD-2600(config-line)#exit
JD-2600(config)#exit

JD-2600#write mem
JD-2600#exit
JD-2600>


Step 2: Configure the WAN and LAN Interfaces, and configure NAT.

JD-2600>enable
JD-2600#configure terminal
JD-2600(config)#int fa0/0
JD-2600(config-if)#description WAN Interface
JD-2600(config-if)#ip address dhcp
JD-2600(config-if)#
ip nat outside
JD-2600(config-if)#duplex auto
JD-2600(config-if)#speed auto
JD-2600(config-if)#no shutdown
JD-2600(config-if)#int fa0/1
JD-2600(config-if)#description LAN Interface
JD-2600(config-if)#ip address 192.168.0.254 255.255.255.0
JD-2600(config-if)#
ip nat inside
JD-2600(config-if)#duplex auto
JD-2600(config-if)#speed auto
JD-2600(config-if)#no shutdown
JD-2600(config-if)#exit
JD-2600(config)#ip classless
JD-2600(config)#ip route 0.0.0.0 0.0.0.0 FastEthernet0/0
JD-2600(config)#
ip nat inside source list 1 interface FastEthernet0/0 overload
JD-2600(config)#access-list 1 permit 192.168.0.0 0.0.0.255
JD-2600(config)#
JD-2600(config)#exit
JD-2600#write memory


Port forwarding example:

JD-2600#configure terminal
JD-2600(config)#ip nat inside source static tcp 192.168.0.2 80 Fa0/0 80


Step 3: Final cleanup and config:

JD-2600#configure terminal
JD-2600(config)#ntp server us.pool.ntp.org
JD-2600(config)#clock timezone EDT –5    <This is for Eastern Daylight Time, –5 Hours>
JD-2600(config)#
ip subnet-zero
JD-2600(config)#ip cef
JD-2600(config)#exit
JD-2600#write mem
JD-2600#exit
JD-2600>


So that is pretty much it! The last thing I would recommend you do is set up a simple TFTP server and backup your configuration. The SolarWinds Free TFTP Server is a great option for Windows users.

If you have any questions or concerns on any of the commands listed above, you can click on some of them to go to Cisco’s knowledgebase article on that specific command. I hope this article helps you out with your own projects.

- Joe