====== Ciscoルータを初期状態からsshログインできるまで設定する ======

設定が一切ない場合、起動時に「初期設定するか？」と聞かれるがお断りする。

<code>
         --- System Configuration Dialog ---

Would you like to enter the initial configuration dialog? [yes/no]: n
</code>

特権EXECに入り、パスワードを設定する。
<code>
Router>enable
Router#
Router(config)#enable password PASSWORD
Router(config)#service password-encryption 
<code>


インタフェースを見てみる。
Router#show interfaces status

Port    Name               Status       Vlan       Duplex Speed Type
Gi0                        disabled     1            auto    auto 10/100BaseTX/1000BaseT
Gi1                        notconnect   1            auto    auto 10/100BaseTX/1000BaseT
Gi2                        notconnect   1            auto    auto 10/100BaseTX/1000BaseT
Gi3                        notconnect   1            auto    auto 10/100BaseTX/1000BaseT
Gi4                        notconnect   1            auto    auto 10/100BaseTX/1000BaseT
Gi5                        notconnect   1            auto    auto 10/100BaseTX/1000BaseT
Gi6                        notconnect   1            auto    auto 10/100BaseTX/1000BaseT
Gi7                        notconnect   1            auto    auto 10/100BaseTX/1000BaseT

Router#show interfaces
GigabitEthernet0 is administratively down, line protocol is down 
  Hardware is Gigabit Ethernet, address is 0081.c4ae.ad97 (bia 0081.c4ae.ad97)
  MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec, 
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  Keepalive set (10 sec)
  Auto-duplex, Auto-speed
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input 00:00:18, output never, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     8 packets input, 1222 bytes, 0 no buffer
     Received 0 broadcasts (8 multicasts)
     0 runts, 0 giants, 0 throttles 
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     0 watchdog, 0 multicast, 0 pause input
     0 input packets with dribble condition detected
     11 packets output, 1637 bytes, 0 underruns
     0 output errors, 0 collisions, 2 interface resets
(略)

#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#

Router(config)#line console 0
Router(config-line)#logging synchronous 

インターフェースの有効化
Router(config)#interface GigabitEthernet 0
Router(config-if)#no shutdown
*Jan  8 04:32:19.011: %LINK-3-UPDOWN: Interface GigabitEthernet0, changed state to down
*Jan  8 04:32:21.491: %LINK-3-UPDOWN: Interface GigabitEthernet0, changed state to up
*Jan  8 04:32:22.491: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0, changed state to up
*Jan  8 04:32:50.511: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to up

有効になったか確認
Router(config-if)#do show interfaces       
GigabitEthernet0 is up, line protocol is up 
  Hardware is Gigabit Ethernet, address is 0081.c4ae.ad97 (bia 0081.c4ae.ad97)
  MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec, 
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set

インタフェースの数だけ繰り返す。

VLANの状態を確認してみる。
Router(config)#do show vlan-switch

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Gi0, Gi1, Gi2, Gi3, Gi4, Gi5
                                                Gi6, Gi7
1002 fddi-default                     act/unsup 
1003 token-ring-default               act/unsup 
1004 fddinet-default                  act/unsup 
1005 trnet-default                    act/unsup 

VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1    enet  100001     1500  -      -      -        -    -        1002   1003
1002 fddi  101002     1500  -      -      -        -    -        1      1003
1003 tr    101003     1500  1005   0      -        -    srb      1      1002
1004 fdnet 101004     1500  -      -      1        ibm  -        0      0   
1005 trnet 101005     1500  -      -      1        ibm  -        0      0   


Router(config)#interface vlan 1 
Router(config-if)#ip address 172.16.0.254 255.255.0.0
Router(config-if)#no shutdown デフォで有効になっているが念のため

疎通確認
$ ping 172.16.0.254
PING 172.16.0.254 (172.16.0.254): 56 data bytes
64 bytes from 172.16.0.254: icmp_seq=0 ttl=255 time=3.138 ms
64 bytes from 172.16.0.254: icmp_seq=1 ttl=255 time=0.675 ms
^C
--- 172.16.0.254 ping statistics ---
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.675/1.906/3.138/1.231 ms

sshのアカウント作成
Router(config)#username USERNAME password PASSWORD

Router(config)#line vty 0 4
Router(config-line)#login local

SSHのみ許可
Router(config-line)#transport input ssh

ホスト名とドメイン名の設定
Router(config)#hostname RT
RT(config)#ip domain-name example.com

暗号鍵の設定
RT(config)#crypto key generate RSA             
The name for the keys will be: RT-L01-01.tokyo.lan.decomo.info
Choose the size of the key modulus in the range of 360 to 4096 for your
  General Purpose Keys. Choosing a key modulus greater than 512 may take
  a few minutes.

How many bits in the modulus [512]: 2048
% Generating 2048 bit RSA keys, keys will be non-exportable...
[OK] (elapsed time was 1 seconds)

SSHのバージョン2を使う
RT(config)#ip ssh version 2

設定保存
RT#write

*Jan  8 12:54:57.493: %SYS-5-CONFIG_I: Configured from console by console
Building configuration...
[OK]

$ ssh Decomo@172.16.0.254
Password: 
RT>