Getting Started with Cisco Configuration Professional
Introduction
Downloads: This chapterpdf (PDF - 119.0KB) The complete bookPDF (PDF - 2.27MB) | Feedback

Introduction

Table Of Contents

Introduction

Understanding Cisco Configuration Professional

Initial Setup

Initial Setup for Deployed Devices

Initial Setup for Switches

Install Cisco CP


Introduction


This chapter introduces Cisco Configuration Professional (Cisco CP) and gives you the information that you need to start using it. This chapter contains the following sections:

Understanding Cisco Configuration Professional

Initial Setup

Install Cisco CP

Understanding Cisco Configuration Professional

Cisco Configuration Professional (Cisco CP) is a GUI based device management tool for Cisco access routers. This tool simplifies routing, firewall, IPS, VPN, unified communications, WAN and LAN configuration through GUI based easy-to-use wizards.

Cisco CP is a valuable productivity enhancing tool for network administrators and channel partners for deploying routers with increased confidence and ease. It offers a one-click router lockdown and an innovative voice and security auditing capability to check and recommend changes to router configuration. Cisco CP also monitors router status and troubleshoots WAN and VPN connectivity issues.

Cisco CP is free and you can download it from:http://www.cisco.com/en/US/products/ps9422/prod_release_notes_list.html.

Cisco Configuration Professional Express (Cisco CP Express) is a light weight version of Cisco CP. You can use Cisco CP Express to configure basic security features on the router's LAN and WAN interfaces. Cisco CP Express and a factory default configuration file are installed in Flash memory on routers that are shipped with Cisco CP. You can connect a PC directly to the device, and then use Cisco CP Express to configure LAN and WAN connections, a firewall, Network Address Translation, and make security settings before you place the device on the network in which it will operate. See the Initial Setup section to learn how to do this.

Initial Setup

Devices shipped with Cisco CP have a default configuration that allows you to connect a PC to an Ethernet port on the device and start configuration immediately. This initial configuration is accomplished using Cisco CP Express. You can use Cisco CP Express to give the device an IP address on the network in which it will operate, and the other basic configurations mentioned in the previous section. After you have configured the device and connected it to the network, you will be able to use Cisco CP to connect to the device over the network and make advanced configurations.

If the device is not connected to the network yet and you want to use Cisco CP Express to give it an initial configuration, use the procedure in this section.


Note If the device is already being used on your network, and you have installed Cisco CP on your PC, skip this procedure and read Initial Setup for Deployed Devices.



Step 1 The device default configuration file configures an IP address for one Ethernet interface, and that may configure the device as a DHCP server. Determine whether the device is configured as a DHCP server, and which Ethernet port to connect the PC to by referring to the following table.


Note If the router model you want to configure does not appear in the following table, see the Release Notes for Cisco Configuration Professional for updated information.


Device Model
DHCP Server
Connect PC to the Applicable Ethernet Port

Cisco 815, Cisco 86x, Cisco 88x, Cisco 180x, Cisco 1805, Cisco 1811, and
Cisco 1812

Yes

ACT Lnk, ETHERNET 10 BASE T, LAN, PWR Lnk, or SWITCH

Cisco 1841, Cisco 1861, Cisco 2801, Cisco 2811

No

Fast Ethernet 0/0

Cisco 28xx, Cisco 38xx

No

Gigabit Ethernet 0/0

Cisco 19xx, Cisco 29xx, Cisco 39xx

No

Gigabit Ethernet 0/0


Step 2 Connect the PC to the device appropriate port listed in the table.

Step 3 Configure the PC IP address by doing one of the following:

If the device is configured as a DHCP server, ensure that the PC is configured to accept an IP address from a DHCP server.

If the device is not configured as a DHCP server, configure the static IP address 10.10.10.2 on the PC, and use the subnet mask 255.255.255.248.

Step 4 Open an Internet Explorer browser window, and enter the IP address 10.10.10.1 to connect to the device and start Cisco CP Express.

Step 5 Complete the Cisco CP Express wizard to configure the device.


When you have completed initial setup and given the device an IP address on your LAN, you can use Cisco CP to connect to the device and perform additional configuration.

Initial Setup for Deployed Devices

If the device that you want to use Cisco CP to configure is already deployed, you should ensure that the device has a configuration that supports Cisco CP. The procedure in this section shows you how to add the required configuration statements.


Note The tasks that follow can also be accomplished using the Application > Setup New Device option in Cisco CP by connecting the PC to the console port of the device. See the topic Device Wizard in the Cisco Configuration Professional User Guide 2.5 at http://www.cisco.com/en/US/products/ps9422/products_user_guide_list.html for more details.



Step 1 Log on to the router through an Ethernet port.

Step 2 When the router displays the user EXEC mode prompt, enter the enable command, and the enable password, if one is configured, as shown below:

Router> enable
password password

Step 3 Enter config mode by entering the config terminal command, as shown in the following example.

Router> config terminal
Router(config)# 

Step 4 Using the command syntax shown, create a user account with privilege level 15.

Router(config)# username name privilege 15 secret 0 password

Step 5 If no router interface is configured with an IP address, configure one so that you can access the router over the network. The following example shows the interface Fast Ethernet 0 configured.

Router(config)# int FastEthernet0
Router(config-if)# ip address 10.10.10.1 255.255.255.248
Router(config-if)# no shutdown
Router(config-if)# exit

If you are going to connect the PC directly to the router, the PC must be on the same subnet as this interface.

Step 6 Configure the router as an http server for nonsecure communication, or as an https server for secure communication.

To configure the router as an http server, enter the ip http server command shown in the example:

Router(config)# ip http server

To configure the router as an https server, enter the ip http secure-server command shown in the example:

Router(config)# ip http secure-server

Step 7 Configure the router for local authentication, by entering the ip http authentication local command, as shown in the example:

Router(config)# ip http authentication local

Step 8 Configure the http timeout policy as shown in the example:

Router(config)# ip http timeout-policy idle 60 life 86400 requests 10000

Step 9 Configure the vty lines for privilege level 15. For nonsecure access, enter the transport input telnet command. For secure access, enter the transport input telnet ssh command. An example of these commands follows:

Router(config)# line vty 0 4
Router(config-line)# privilege level 15
Router(config-line)# login local
Router(config-line)# transport input telnet
Router(config-line)# transport output telnet
Router(config-line)# transport input telnet ssh
Router(config-line)# transport output telnet ssh
Router(config-line)# exit
Router(config)# line vty 5 15
Router(config-line)# privilege level 15
Router(config-line)# login local
Router(config-line)# transport input telnet
Router(config-line)# transport output telnet
Router(config-line)# transport input telnet ssh
Router(config-line)# transport output telnet ssh
Router(config-line)# end


Initial Setup for Switches

If the device that you want to use Cisco CP to configure is already deployed, you should ensure that the device has a configuration that supports Cisco CP. The procedure in this section shows you how to add the required configuration for the switch devices: CGS-2520-24TC and CGS-2520-16S-8PC.


Note The tasks that follow can also be accomplished using the Application > Setup New Device option in Cisco CP by connecting the PC to the console port of the device. See the topic Device Wizard in the Cisco Configuration Professional User Guide 2.5 at http://www.cisco.com/en/US/products/ps9422/products_user_guide_list.html for more details.



Step 1 Log on to the switch through the Console port or through an Ethernet port.

Step 2 When the switch displays the user EXEC mode prompt, enter the enable command, and the enable password, if one is configured, as shown below:

Switch> enable
password password

Step 3 Enter config mode by entering the config terminal command, as shown in the following example.

Switch> config terminal
Switch(config)# 

Step 4 Using the command syntax shown, create a user account with privilege level 15.

Switch(config)# username name privilege 15 secret 0 password

Step 5 If IP Address is not configured, configure one so that you can access the switch over the network. The following example shows the IP Address configured on interface Vlan1.

Switch(config)# interface Vlan1
Switch(config-if)# ip address 10.10.10.1 255.255.255.248
Switch(config-if)# no shutdown
Switch(config-if)# exit

If you are going to connect the PC directly to the switch, the PC must be on the same subnet as this interface.

Step 6 Configure the switch as an http server for nonsecure communication, or as an https server for secure communication.

To configure the switch as an http server, enter the ip http server command shown in the example:

Switch(config)# ip http server

To configure the switch as an https server, enter the ip http secure-server command shown in the example:

Switch(config)# ip http secure-server

Step 7 Configure the switch for local authentication, by entering the ip http authentication local command, as shown in the example:

Switch(config)# ip http authentication local

Step 8 Configure the http timeout policy as shown in the example:

Switch(config)# ip http timeout-policy idle 60 life 86400 requests 10000

Step 9 Configure the vty lines for privilege level 15. For nonsecure access, enter the transport input telnet command. For secure access, enter the transport input telnet ssh command. An example of these commands follows:

Switch(config)# line vty 0 4
Switch(config-line)# privilege level 15
Switch(config-line)# login local
Switch(config-line)# transport input telnet
Switch(config-line)# transport output telnet
Switch(config-line)# transport input telnet ssh
Switch(config-line)# transport output telnet ssh
Switch(config-line)# exit
Switch(config)# line vty 5 15
Switch(config-line)# privilege level 15
Switch(config-line)# login local
Switch(config-line)# transport input telnet
Switch(config-line)# transport output telnet
Switch(config-line)# transport input telnet ssh
Switch(config-line)# transport output telnet ssh
Switch(config-line)# end

Install Cisco CP

Install Cisco CP using the instructions in the Cisco Configuration Professional Quick Start Guide. This document is found on the Cisco CP CD. If you did not receive the CD, you can obtain this document from the following link:

http://www.cisco.com/en/US/docs/net_mgmt/cisco_configuration_professional/guides/CiscoCPqsg.html

After you have installed Cisco CP, you can create a community, and start configuring the devices in it.