Advanced Mode

Advanced configuration page - lets you choose all of your options.

Be sure to follow the steps on the Start Here page prior to starting.

After completing the Start Here, fill out the form below and click "Submit" to receive a secure Cisco router configuration file.

About Your Router

Enter a few details about your router:

.
(
)
  •   

Router IP Information

Information relating to your router's interface names and IP addresses.

Gateway

This IP Address should be provided by your Internet Service Provider (ISP).

.
.
.

Outside (WAN) Interface

The Outside or Wide Area Nework (WAN) Interface is the one that connects your router to the Internet Service Provider's (ISP's) network.

.
.
.
.
.
.

Inside Interface

The Inside Interface is the one that connects the router to your Firewall or inside network.

.
.
.
.
.
.

Disabling Global Services

Many unneeded global services are on by default. We'll disable them here.

More information on protocols and services and recommended settings is available here.










Internet Interface Services

Let's disable the following services on the "outside" or Internet facing interface:





Inside Interface Services

Disable the following services on the "inside" or firewall facing interface.





Enable Good Services

These services can provide better security for your router and should be enabled:


Null Interface and Null Routing

Select whether to create a null interface (used for null, or "black hole" routing of unwanted traffic), and configure null routing.

that will be used for null routing.

to be used to dispose of invalid traffic.

Service IP's and Information

IP addresses for services and configuring access to the router.

Loopback Interface

Enter an IP address for your loopback interface (if you don't know, enter 127.0.0.1).

.
.
.

NTP Servers

Enter the IP addresses for your Network Time Protocol (NTP) Servers. (If you don't know, find one here.)

.
.
.
.
.
.

Securing Access

Configure Access, Authentication, and Authorization (AAA)

Enable AAA to be able to view the actions of users.

Remote Access Computer

Enter the IP address of a trusted computer you will use to access the router remotely.

Trusted IP: . . .

Disable Aux Port

The auxiliary port, if your router has one, is normally not needed and should be disabled. Uncheck this if your router does not have an aux port.

.

Console Port

The console port is used to access the router locally using a serial connection and terminal emulation software like Putty or TeraTerm.

VTY Port

The virtual terminal (vty) ports are used to connect to the router with remote access protocols like SSH.

Access Control Lists (ACL's)

Create inside and outside access control lists to control traffic flow to and through the router.

Restricting Command Access

Some commands that are available to all user levels should be restricted to administrator level.

User Information

Enter a user name and password (change the user name, password, and enable secret password in the text file you receive prior to loading into the router).

Logging

Provide some information to set up logging.

Interface name and IP address.

.
.
.

Syslog server IP address and DMZ subnet mask.

.
.
.
.
.
.

.
.
.