Friday, January 27, 2012

HOW TO Setup Cisco SDM on a Router

Cisco Secure Device Manager (SDM)
Router configuration can be done by the command line interface, however the newer routers and IOS support the new Cisco SDM web-based device management control interface. I was told that the ICND1 Exam contains questions about the Cisco SDM interface. It would help to navigate through the menus.

Cisco SDM is supported on Cisco 830 Series, Cisco 1700 Series, Cisco 1800 Series, Cisco 2600XM Series, Cisco 2800 Series, Cisco 3600 Series, Cisco 3700 Series, Cisco 3800 Series, and some Cisco 7200 Series and Cisco 7301 routers.
Cisco SDM Wizards
Simple router configurations or even advanced settings using the Cisco SDM Wizards can be done remotely (obviously) from the web browser.  The commands take effect when you click Submit or OK, much the same way when you press the Enter key in the CLI. Wizards for the following configurations
Interface and connections: WAN interfaces for PPP, Frame Relay, HDLC, and even DHCP
Firewall: firewall settings
Security audit: perform a security audit on the router, or issue a lockdown (scary!)
IPS: Intrusion prevention system
QoS: Quality of Service policy for outgoing traffic on the WAN interfaces and IPSec tunnels

If it is not already setup by default, start with enabling https.

First create a secure password policy. Use the command
> conf t
> service password-encryption
> hostname myrouter1
> banner motd #Authorized use only... Enter your display message between the two hash signs#

Enable https on the router
> conf t
> ip http server
> ip http authentication local
> ip http timeout-policy idle 600 life 86400
> requests 1000

Create a user account
> username myusername privilege 15 secret 0 mypassword

Configure the user for access by ssh, telnet, local login
> conf t
> line vty 0 4
> privilege level 15
> login local
> transport input telent ssh
> exit

Cisco SDM is stored on the router in flash memory. Launch the Cisco SDM from the web browser window using https://routerIPaddress The java applet will load on the PC with a possible security warning about certificates. Accept the certificate. On the top menu bar there is a button "Configure". This brings the user to "global configuration mode" in a GUI format.


Posted by at 8:10 AM
Labels: ,

1 comment:

  1. AnonymousApril 10, 2022 at 4:58 PM

    The King Casino Hotel | Jamul Casino & Spa
    The https://vannienailor4166blog.blogspot.com/ King Casino Hotel is set 1 mile south of worrione Jamul Casino, 1 MPRC Blvd, Jamul, Georgia. https://jancasino.com/review/merit-casino/ View map. This casino offers a casinosites.one variety of gaming options including slots, herzamanindir.com/

    ReplyDelete

Subscribe to: Post Comments (Atom)