Step 3: Download and Install Security Device Manager

Step 1:   SMB Support Assistant Site Survey     Step 2:   Set Up Your 800 or SB 100 Router Hardware                   Set Up Your 1700 Series Router Hardware                   Set Up Your 1800 Series Router Hardware                   Set Up Your 2600 Series Router Hardware                   Set Up Your 2800 Series Router Hardware                   Set Up Your 3800 Series Router Hardware     Step 3:  Download and Install Security Device Manager                       Introduction                       Requirements                       Prepare Your Router to Support SDM                            Connect to the Router                            Verify the Software Image on the Router                            Verify Router Flash Memory                            Erase Webflash Memory                            Configure Your Router to Support SDM                       Download SDM                            Confirm Connectivity to the Router                            Install Security Device Manager                       Next Step                       Troubleshoot the Procedure                            Reclaim Flash Memory                       Related Information     Step 4:   Configure Your Router with Security Device Manager     Step 5:   Configure Wireless Security on an Integrated Services Router (ISR Only)     Step 6:   Add or Remove a Wireless User on an Integrated Services Router (ISR Only)     Step 7:   Set Up an ADSL Internet Connection                   Set Up an Ethernet Internet Connection                   Set Up an ISDN Internet Connection                   Set Up a T1, E1, or Serial Internet Connection     Step 8:   Set Up Internet Security on a Cisco Router

Download PDF   Step 3: Download and Install Security Device Manager    Set Up Your Cisco Router

Introduction

Security Device Manager (SDM) allows you to manage your Cisco router with a graphical web interface. This document explains how to install SDM on your router if SDM is not already installed on your router.

Back to Top

Requirements

To perform the steps described in this document, you need to have these items:

• A PC with an Internet connection

• A crossover Ethernet cable

Back to Top

Prepare Your Router to Support SDM

Before you download SDM, you need to make changes to your router to support SDM. To prepare your router to support SDM, follow these steps:

Connect to the Router

To connect to your router, follow these steps:

1. Create a HyperTerminal connection to your router. For more information about how to create a HyperTerminal connection refer to the Create a HyperTerminal Connection document.

2. Log into the router. The default login is username cisco, password cisco. Otherwise, use the administrator login and password you entered in the Internet Worksheet (B10 and B11).

   Username: cisco
   Password:

   Note: If you do not know the password for your router, refer to Reset the Password on the Router.

3. Type enable to access the privileged mode. If you have set an enable password, use the password that you entered in the Internet Worksheet (B12).

   Router> enable
   Router#

Verify the Software Image on the Router

To confirm the version of Cisco IOS® software on your router, follow these steps:

Type show version to view your software version.

The command-line output looks similar to this example:

Router# show version
Cisco IOS Software, C831 Software (C831-K9O3Y6-M), Version 12.3(8)YG, RELEASE SOFTWARE (fc1)
Synched to technology version 12.3(10.3)T2
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2004 by Cisco Systems, Inc.
Compiled Thu 16-Dec-04 23:46 by ealyon

If your Cisco IOS software version is earlier than 12.3, you must upgrade your software. For detailed instructions, refer to Upgrade the Software Image on a Cisco Router.

Verify Router Flash Memory

To verify the amount of space available in flash memory, type show flash to display details about flash memory usage.

Router#show flash

System flash directory:
File  Length   Name/status
  1   5638936  c831-k9o3y6-mz.123-2.XC2.bin
[5639000 bytes used, 19264680 available, 24903680 total]
24576K bytes of processor board System flash (Read/Write)

If you have at least 8 MB (8000000 bytes) available in flash memory, you do not need to remove files from flash memory in order to install SDM.

Note: If you have a wireless router, you need 9.7 MB available in flash memory to install Security Device Manager (SDM) with the wireless configuration module.

If you have less than 8 MB available in flash memory, you need to delete files before you install SDM. See Reclaim Flash Memory for instructions. If you have less than 8 MB of total flash memory, contact the SMB Technical Assistance Center (SMB TAC) for assistance.

Erase Webflash Memory

If you have an 830 series router, you need to remove Cisco Router Web Setup Tool (CRWS) files from from webflash memory in order to access SDM. To remove the files from webflash memory, follow these steps:

1. Type erase webflash and press Enter, and press Enter again to confirm.

   Router#erase webflash
   Erasing the webflash filesystem will remove all files! Continue? [confirm]
   

2. The router displays this message during the erase.

Erasing device... eeeeeeeeeeeeeeee ...erased
Erase of webflash: complete
Router#

Configure Your Router to Support SDM

To configure your router to support SDM, follow these steps:

1. Type configure terminal and press Enter to enter configuration mode.

   Router# configure terminal
   Enter configuration commands, one per line. End with CNTL/Z.
   Router(config)#

2. Type ip http server and press Enter to enable HTTP server.

   Router(config)#ip http server
   

3. Type ip http secure-server and press Enter to enable Secure HTTP server.

   Router(config)#ip http secure-server
   

4. Type ip http authentication local to enable local authentication.

   Router(config)#ip http authentication local
   

5. Type ip http timeout-policy idle 600 life 86400 requests 10000 and press Enter.

   Router(config)#ip http timeout-policy idle 600 life 86400 requests 10000
   

6. Type username username privilege 15 password 0 password to create a user account with configuration privileges. Use the username and password that you entered in the LAN Addressing Worksheet (B10 and B11).

   Router(config)#username username privilege 15 password 0 password
   
   

   Note: You will use this username and password to access SDM.

7. Enter these commands to enable telnet and SSH:

   1. Type line vty 0 4 and press Enter.

      Router(config)#line vty 0 4
      

   2. Type privilege level 15 and press Enter.

      Router(config-line)#privilege level 15
      

   3. Type login local and press Enter.

      Router(config-line)#login local
      

   4. Type transport input telnet ssh and press Enter.

      Router(config-line)#transport input telnet ssh
      

   5. Type exit and press Enter.

      Router(config-line)#exit
      Router(config)#

8. Type interface FastEthernet0 and press Enter to configure the Ethernet interface.

   Note: The name of the Ethernet interface varies with some router models. Review this table to confirm the name for the Ethernet interface on your router. For example, if your router interface lists Ethernet0, you need to enter the command interface Ethernet0.

   Router Model	First Ethernet Interface
   SOHO	Ethernet0
   800 Series	Ethernet0
   1760	FastEthernet0/0
   1700 Series	FastEthernet0
   1800	FastEthernet0/0
   2600 Series	FastEthernet0/0
   2800	FastEthernet0/0

   Router(config-if)#interface FastEthernet0
   Router(config-if)#

9. Type ip address ip-address subnet-mask with the IP address and subnet mask from the LAN Addressing Worksheet (L6A and L2A). Press Enter.

   Router(config-if)#ip address 192.168.10.1 255.255.255.0
   
   

10. Type no shutdown and press Enter to make the interface active.

    Router(config-if)# no shutdown
    

11. Type end to leave configuration mode.

    Router(config)#end
    Router

12. Type write memory to save the configuration.

    Router(config)#write memory
    Building configuration...
    [OK]

13. Click File > Exit to exit HyperTerminal.

Back to Top

Download SDM

To download the SDM files, follow these steps:

Note: SDM is provided on the CD included with your router. However, Cisco recommends that you download the software from Cisco.com to ensure that you have the most recent version.

1. Open http://www.cisco.com/pcgi-bin/tablebuild.pl/sdm.

2. Click the SDM-Vnn.zip file for the SDM version you want download.

3. Review the End User License Agreement and click Accept.

4. Click the SDM-Vnn.zip file to download the file.

5. Log in with your Cisco.com user ID and password to begin the download.

6. Extract the SDM-Vnn.zip file to your PC desktop. For more information about how to extract the files from .zip format, review the documentation for your zip utility.

Confirm Connectivity to the Router

To confirm connectivity between your PC and the router, follow these steps:

1. Change your PC IP address to an address that matches the router Ethernet IP address you entered in the LAN Addressing Worksheet (fields L6A and L2A). For example, if your router has IP address 192.168.10.1, change your PC to 192.168.10.2. To change your PC IP address, go to Control Panel > Network and Dial-Up Connections > TCP/IP Properties. For more information on how to configure an IP address on your PC, refer to Configure an IP Address on Your PC.

2. Connect the crossover cable to the RJ-45 Ethernet port of your PC and the yellow Ethernet port of the router.

   

3. Verify that your PC can send traffic to the router with a ping test.

   1. Click Start > Run

   2. Type command or cmd to launch a DOS prompt.

   3. Type ping router-IP-address and press Enter.

   For more information on how to do a ping test, refer to Troubleshoot Ethernet Connectivity.

   

4. Type exit and press Enter to close the window.

Install Security Device Manager

To install Security Device Manager, follow these steps:

1. Open the SDM folder on the desktop and double click the setup.exe file.

   

2. Click Next.

   

3. Choose I accept the terms of the license agreement and click Next.

   

4. Choose Cisco Router and click Next to install SDM on the router.

   

5. In the Hostname/IP Address field, enter the IP address from the LAN Addressing Worksheet (L6A). In the Username field, enter the username that you entered in the LAN Addressing Worksheet (B10). In the Password field, enter the password that you entered in the LAN Addressing Worksheet (B11).

   

6. SDM accesses the router with your login information. If SDM cannot access the router, see Troubleshoot the Procedure.

   

7. Choose Typical and click Next.

   

8. Check SDM: Install Cisco Router and Security Device Manager and Install Cisco SDM Express. If you have a wireless router, check WLAN: Install the Wireless Application. Click Next.

   Note: If you want to use Intrusion Prevention System (IPS), you need to upgrade your IOS image to Release 12.3(8)T4 or later. For more information, contact the SMB Technical Assistance Center (SMB TAC).

   

9. Click Install to begin installation.

   

10. The Installation Wizard copies the SDM files to the router.

    

11. Click Finish to complete the installation.

Back to Top

Next Step

You have now installed SDM on your router.

Refer to Configure your Router with Security Device Manager to configure your router with SDM.

Note: If you have an ASA Security Appliance in your network, refer to Configure Your Router with Security Device Manager for ASA.

Back to Top

Troubleshoot the Procedure

This section provides information about common problems that you may encounter. If this information does not solve your problem, contact the SMB Technical Assistance Center (SMB TAC) for assistance.

Reclaim Flash Memory

If there is insufficient space to copy the new software image into flash, the router displays an error message. To resolve this problem, you need to delete files from Flash memory and reclaim flash memory space. To reclaim flash memory, follow these steps:

1. Type show flash and press Enter to show the files in flash memory.

   System flash directory:
   File  Length   Name/status
     1   5877460  c1700-y-mz.123-12.bin
     2   3885056  sdm.tar
     3   1545     sdmconfig-1721.cfg
   [9764061 bytes used, 23528223 available, 33292284 total]
   32768K bytes of processor board System flash (Read/Write)

2. Review the files to determine what files you can delete. You can delete unused .cfg configuration files or .bin software image files.

   Caution: Ensure that you do not delete a .cfg configuration file or a .bin software image file that is in use.

3. Type del filename.ext to remove unnecessary files. Press Enter to confirm.

   Router# del filename.ext
   
   Router# Delete filename [filename.ext]?
   Router# Delete flash:filename.ext [confirm]
   Router#

4. Type squeeze flash to reclaim flash memory. Press Enter.

   Router# squeeze flash
   Squeeze operation may take a while. Continue? [confirm]
   squeeze in progress... eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
   Rebuild file system directory...
   Squeeze of flash complete
   Router#
   

Back to Top

Related Information

• Cable Descriptions
• Configure an IP Address on Your PC
• Reset the Password on a Cisco Router
• Configure Your Router with Security Device Manager