Configuring SDM Minimum Requirements
Learn how to configure the required pre-configuration on a Cisco Router for the Cisco Security Device Manager (SDM) java graphical user interface.
- Core Knowledge
- Lab Topology
- Initial Configs
- Lab Objectives
- Lab Instruction
Core Knowledge and Real World Scenarios
In the world of Cisco, Graphical User Interfaces are slowly becoming mainstream as Cisco attempts to push their Java based management GUI’s to compete with vendors such as Juniper, Adtran, Lucent, Redback and others. However, many engineers prefer configuring a Cisco devices via Command Line Interface (CLI).
Most engineers are disappointed with Cisco as there are now some types of configurations done via Cisco GUI’s that CANNOT be done using the command line. This of course has some enraged old school network engineers.
As of to date; September 20th, 2010 the Cisco SDM has been pronounced EoL/EoS (End of Life/End of Service) but if you’re taking the CCNA Exam (640-802) you may still encounter this GUI so with that being said, its best ti familiarize yourself with the SDM until Cisco has officially announced that the SDM is no longer on the CCNA exam.
Free CCNA Workbook will teach you how to configure the basic pre-configuration requirements and install the Cisco SDM GUI, after which you’ll be able to access the SDM via web browser. However, the Free CCNA Workbook does not go into detail in configuring a router using the Cisco SDM, that part is left up to you to explore the possibilities of Configuring a Cisco Router using the Security Device Manager.
Prior to installing Cisco SDM there are several lines of configuration required on a Cisco Router such as enabling the Cisco IOS HTTP web server, local authentication and of course the last important required configuration is the VTY line authentication. If you’re using GNS3 emulated routers then you’ll need to format flash: Since SDM is Java(TM) based application it basically acts as a program that knows all the commands required to configure a Cisco Router and logs into the router via telnet/ssh to configure the router via command line based on the changes you’ve made in the SDM GUI.
In this lab you will configure the required prerequisites for the Cisco SDM v2.5 installation on flash on R1. In the next lab you will continue on with installing the Cisco SDM v2.5 manually by copying the required files via TFTP to R1’s disk0.
Lab Logical Topology
The following logical topology is used in all labs found through out Section 13 of the CCNA Routing & Switching Workbook;
To view the physical cabling topology please visit the Topology page.
Lab Device Initial Configurations
No initial configurations are provided with this lab. Please continue on to the Lab Objectives.
Lab Prerequisites
- If you’re using GNS3 than load the Free CCNA Workbook GNS3 topology than start device(s); R1.
- If you are using GNS3 than delete the link between R1’s FastEthernet0/0 and SW1’s FastEthernet0/1, than configure a NIO Cloud in GNS3 and bind it to your loopback adapter than connect it to R1’s FastEthernet0/0 interface. Ensure that you have IP connectivity between your PC and the GNS3 Router.
- If you’re using real hardware than ensure that R1’s FastEthernet0/0 interface is plugged into a network with DHCP and has IP connectivity to your PC.
- Ensure that you have a downloaded the Cisco SDM v2.5 ZIP file and have it extracted to a folder that you can easily navigate to; I.e; The Desktop.
Lab Objectives
In this lab you will complete the following objectives.
- Configure R1’s hostname and FastEthernet interface with an IP address that is able to communicate to the PC where the installation files are located at.
- Ensure that you’re able to ping the PC from which you’ll be executing the installation wizard.
- (GNS3 Only) – Prepare the Routers flash for the SDM installation by formatting Flash:
- Enable the IOS HTTP web services server and set it to authenticate to a local user database.
- Configure a local username and password with level 15 privileges that can be used to log into Cisco SDM via the web browser. Use the username of “ccna” and password “cisco”.
- Configure the VTY lines 0 through 4 to authenticate using the local database and accept incoming connections using TELNET or SSH only.
One More Thing…
It is recommended that you attempt to complete these lab objectives the first time without looking at the Lab Instruction section.
If you are a student preparing for the Cisco CCNA Certification Exam than you are more likely to remember how to complete these objectives if you attempt to complete them the first time on your own with the use of the core knowledge section found in this lab. You should only resort to the Lab Instruction section to verify your work.
Lab Instruction
Objective 1. – Configure R1’s hostname and FastEthernet interface with an IP address that is able to communicate to the PC where the installation files are located at.
If you’re using GNS3/Dynamips you’ll need to assign FastEthernet0/0 an IP address in the same subnet as the Loopback adapter of the host pc.
Router>enable Router#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)#hostname R1 R1(config)#interface fa0/0 R1(config-if)#no shut R1(config-if)#ip address dhcp R1(config-if)# %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up R1(config-if)# R1(config-if)#line con 0 R1(config-line)#logging sync R1(config-line)#no exec-timeout R1(config-line)# %DHCP-6-ADDRESS_ASSIGN: Interface FastEthernet2/0 assigned DHCP address 10.1.1.4, mask 255.255.255.0, hostname R1 R1(config-line)#end R1# %SYS-5-CONFIG_I: Configured from console by console R1#
Objective 2. – Ensure that you’re able to ping the PC from which you’ll be executing the installation wizard.
Router#ping 192.168.2.25
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.25, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
Router#
Objective 3. – (GNS3 Only) Prepare the Routers flash for the SDM installation by formatting Flash:
Only do this if you’re running GNS3! Note that erasing the flash on a real Cisco Router will erase the IOS image stored in flash: thus causing the router to fail upon booting if no IOS image is present; in which case you’ll need to recover the IOS image to flash.
SW1#erase flash:
Erasing the flash filesystem will remove all files! Continue? [confirm]
Erasing device... eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee ...erased
Erase of flash: complete
SW1#
Objective 5. – Enable the IOS HTTP/HTTPS web server and configure the web server to authenticate to a local user database.
R1#configure terminal Enter configuration commands, one per line. End with CNTL/Z. R1(config)#ip http server R1(config)#ip http secure-server % Generating 1024 bit RSA keys, keys will be non-exportable...[OK] R1(config)# %SSH-5-ENABLED: SSH 1.99 has been enabled R1(config)# %PKI-4-NOAUTOSAVE: Configuration was modified. Issue "write memory" to save new certificate R1(config)#ip http authentication local R1(config)#
Objective 6. – Configure a local username and password with level 15 privileges that can be used to log into Cisco SDM via the web browser. Use the username of “ccna” and password “cisco”.
R1(config)#username ccna privilege 15 secret cisco
Objective 7. – Configure the VTY lines 0 through 4 to authenticate using the local database and accept incoming connections using TELNET or SSH only.
R1(config)#line vty 0 4 R1(config-line)#login local R1(config-line)#transport input telnet ssh R1(config-line)#end R1# *Sep 20 19:27:56.315: %SYS-5-CONFIG_I: Configured from console by console R1#
Now that you’ve completed all the objectives you’re ready to move onto Lab 13-2 – Installing the Cisco Security Device Manager GUI.
