Description
Managing Users and Access Control
Cisco 888E routers have a web-based user interface for managing users and access control. The following steps can be used to manage users and access control on the Cisco 888E router:
- Connect to the router using a web browser and enter the default login credentials (username: “cisco” and password: “cisco”).
- Go to the “Security” menu and select “AAA” (Authentication, Authorization, and Accounting).
- Under “AAA Local Users,” you can add new users, edit existing users, and delete users.
- To set up access control, go to the “Security” menu and select “ACLs” (Access Control Lists).
- Under “IP Access Lists,” you can create new access control lists and configure them to control access to the router’s various services and interfaces.
- You can also use the “IP Access Lists” to filter the traffic to and from the router interfaces.
It is important to note that this is a general overview, and the specific steps may vary depending on the version of the Cisco IOS software running on the router. It is always recommended to consult the documentation or a Cisco specialist to ensure proper configuration.
Securing the Router with Firewall and VPN
Configure the firewall on the router:
- Access the router’s command-line interface (CLI) by connecting to it via a terminal emulation program.
- Enter the command “configure terminal” to enter configuration mode.
- Type “firewall” to enter the firewall configuration mode.
- Use the command “ip access-list extended [access-list-name]” to create an access list for the firewall.
- Define the rules for the access list using the command “permit [protocol] host [source IP address] host [destination IP address]” or “deny [protocol] host [source IP address] host [destination IP address]”.
- Apply the access list to the router’s interfaces using the command “ip access-group [access-list-name] in” or “ip access-group [access-list-name] out”.
Configure the VPN on the router:
- Access the router’s CLI.
- Enter the command “configure terminal” to enter configuration mode.
- Type “crypto” to enter the VPN configuration mode.
- Use the command “crypto key generate rsa” to generate a public/private key pair for the router.
- Use the command “crypto map [map-name] [map-number] set peer [peer-IP-address]” to define the VPN peer.
- Use the command “crypto map [map-name] [map-number] set transform-set [transform-set-name]” to define the encryption and authentication algorithms for the VPN.
- Apply the VPN to the router’s interfaces using the command “crypto map [map-name] [map-number] interface [interface-name]”.
Test the firewall and VPN configuration by trying to access blocked resources from outside the network and verifying that the VPN is established with the peer.
Configuring Quality of Service (QoS)
- Connect to the CISCO888E-K9 router using a terminal emulator such as PuTTY.
- Enter privileged mode by typing “enable” and entering the correct password.
- Type “configure terminal” to enter configuration mode.
- Create a new policy map for QoS by typing “policy-map [policy-name]”. Replace [policy-name] with a name of your choice.
- Apply the policy to an interface by typing “interface [interface-name]”. Replace [interface-name] with the name of the interface you want to apply the policy to.
- Type “service-policy output [policy-name]” to apply the policy to outgoing traffic on the interface.
- Create a class for the traffic you want to prioritize by typing “class [class-name]”. Replace [class-name] with a name of your choice.
- Set the priority for the class by typing “priority [percentage]”. Replace [percentage] with a number between 1 and 99, representing the percentage of bandwidth to allocate to this class.
- Apply the class to a specific protocol or IP range by typing “match [protocol/IP range]”. Replace [protocol/IP range] with the specific protocol or IP range you want to apply the class to.
- Exit configuration mode by typing “exit” and then “exit” again.
- Verify the QoS configuration by typing “show policy-map” and “show interface [interface-name] service-policy”. Replace [interface-name] with the name of the interface you applied the policy to.
- Save the configuration by typing “write memory” to ensure that the changes persist after a reboot.
General Information
- Manufacturer Cisco Systems, Inc
- Manufacturer Part Number CISCO888E-K9
- Brand Name Cisco
- Type: Networking
- Sub-Type: 6 Port
- Product Series 800
- Product Model 888E
- Product Name 888E Integrated Services Router
- Product Type Router
Interfaces/Ports
- Total Number of Ports 6
- USB Yes
- Management Port Yes
- Number of Network (RJ-45) Ports 4
Performance
- Carrier Supported ISDN/DSL
- Broadband Transmission Speed 4.61 Mbit/s
- Broadband Transmission Technology SHDSL
Network & Communication
- Network Technology 10/100Base-TX
- Network Technology ISDN BRI
- Ethernet Technology Fast Ethernet
Management & Protocols
- Security Features
- Intrusion Prevention
- Content Filtering
- IPsec
- 3DES
- 128/192/256-bit AES
- Deep-Packet Inspection
- Keyword Blocking
- Adware
- Malware
- Spyware
- URL Blocking
- L2TP v3
- NAT
- Access Control Lists
- MAC Filtering
- SSH
Memory
- Standard Memory 256 MB
- Maximum Memory 768 MB
- Memory Technology DRAM
- Flash Memory 128 MB
Power Description
- Input Voltage 110 V AC
- Input Voltage 220 V AC
- Power Source Power Supply
