Lab 13-1 – Configuring SDM Minimum Requirements

In this lab you will learn how to configure the required pre-configuration on a Cisco Router for the Cisco Security Device Manager (SDM) java graphical user interface.

Real World Application & Core Knowledge

In the world of Cisco, Graphical User Interfaces are slowly becoming mainstream as Cisco attempts to push their Java based management GUI’s to compete with vendors such as Juniper, Adtran, Lucent, Redback and others. However, many engineers prefer configuring a Cisco devices via Command Line Interface (CLI).


Most engineers are disappointed with Cisco as there are now some types of configurations done via Cisco GUI’s that CANNOT be done using the command line. This of course has some enraged old school network engineers.

As of to date; September 20th, 2010 the Cisco SDM has been pronounced EoL/EoS (End of Life/End of Service) but if you’re taking the CCNA Exam (640-802) you may still encounter this GUI so with that being said, its best ti familiarize yourself with the SDM until Cisco has officially announced that the SDM is no longer on the CCNA exam.

Free CCNA Workbook will teach you how to configure the basic pre-configuration requirements and install the Cisco SDM GUI, after which you’ll be able to access the SDM via web browser. However, the Free CCNA Workbook does not go into detail in configuring a router using the Cisco SDM, that part is left up to you to explore the possibilities of Configuring a Cisco Router using the Security Device Manager.

Prior to installing Cisco SDM there are several lines of configuration required on a Cisco Router such as enabling the Cisco IOS HTTP web server, local authentication and of course the last important required configuration is the VTY line authentication. If you’re using GNS3 emulated routers then you’ll need to format flash: Since SDM is Java(TM) based application it basically acts as a program that knows all the commands required to configure a Cisco Router and logs into the router via telnet/ssh to configure the router via command line based on the changes you’ve made in the SDM GUI.

In this lab you will configure the required prerequisites for the Cisco SDM v2.5 installation on flash on R1. In the next lab you will continue on with installing the Cisco SDM v2.5 manually by copying the required files via TFTP to R1′s disk0.

Read Me

Due to the instability of Dynamips when running on Windows, when attempting to install the Cisco SDM, the dynamips engine may crash. This lab is demonstrated using a Real cisco 2651XM however if you wish to attempt this lab you can use SW1 in the Free CCNA Workbook GNS3 topology.

The following logical topology will be used for this lab;

Lab Prerequisites

  • If you’re using GNS3 than load the Stub Area Networking GNS3 topology than start device(s); R1.
  • If you are using GNS3 than delete the link between R1′s FastEthernet0/0 and SW1′s FastEthernet0/1, than configure a NIO Cloud in GNS3 and bind it to your loopback adapter than connect it to R1′s FastEthernet0/0 interface. Ensure that you have IP connectivity between your PC and the GNS3 Router.
  • If you’re using real hardware than ensure that R1′s FastEthernet0/0 interface is plugged into a network with DHCP and has IP connectivity to your PC.
  • Ensure that you have a downloaded the Cisco SDM v2.5 ZIP file and have it extracted to a folder that you can easily navigate to; I.e; The Desktop.

Lab Objectives

  • Configure R1′s hostname and FastEthernet interface with an IP address that is able to communicate to the PC where the installation files are located at.
  • Ensure that you’re able to ping the PC from which you’ll be executing the installation wizard.
  • (GNS3 Only) – Prepare the Routers flash for the SDM installation by formatting Flash:
  • Enable the IOS HTTP web services server and set it to authenticate to a local user database.
  • Configure a local username and password with level 15 privileges that can be used to log into Cisco SDM via the web browser. Use the username of “ccna” and password “cisco”.
  • Configure the VTY lines 0 through 4 to authenticate using the local database and accept incoming connections using TELNET or SSH only.

Lab Instruction

Objective 1. – Configure R1′s hostname and FastEthernet interface with an IP address that is able to communicate to the PC where the installation files are located at.

Read Me

If you’re using GNS3/Dynamips you’ll need to assign FastEthernet0/0 an IP address in the same subnet as the Loopback adapter of the host pc.

Router>enable
Router#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#hostname R1
R1(config)#interface fa0/0
R1(config-if)#no shut
R1(config-if)#ip address dhcp
R1(config-if)#
%LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
R1(config-if)#
R1(config-if)#line con 0
R1(config-line)#logging sync
R1(config-line)#no exec-timeout
R1(config-line)#
%DHCP-6-ADDRESS_ASSIGN: Interface FastEthernet2/0 assigned DHCP address 10.1.1.4, mask 255.255.255.0, hostname R1

R1(config-line)#end
R1#
%SYS-5-CONFIG_I: Configured from console by console
R1#

Objective 2. – Ensure that you’re able to ping the PC from which you’ll be executing the installation wizard.

Router#ping 192.168.2.25

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.25, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
Router#

Objective 3. – (GNS3 Only) Prepare the Routers flash for the SDM installation by formatting Flash:

NOTE: Do this only if you’re attempting to complete this lab using GNS3/Dynamips. Erasing the flash on a real Cisco Router will erase the IOS image stored in flash: thus causing the router to fail upon booting if no IOS image is present; in which case you’ll need to recover the IOS image to flash.

SW1#erase flash:
Erasing the flash filesystem will remove all files! Continue? [confirm]
Erasing device... eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee ...erased
Erase of flash: complete
SW1#


Objective 5. – Enable the IOS HTTP/HTTPS web server and configure the web server to authenticate to a local user database.

R1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
R1(config)#ip http server
R1(config)#ip http secure-server
% Generating 1024 bit RSA keys, keys will be non-exportable...[OK]

R1(config)#
%SSH-5-ENABLED: SSH 1.99 has been enabled
R1(config)#
%PKI-4-NOAUTOSAVE: Configuration was modified.  Issue "write memory" to save new certificate
R1(config)#ip http authentication local
R1(config)#

Objective 6. – Configure a local username and password with level 15 privileges that can be used to log into Cisco SDM via the web browser. Use the username of “ccna” and password “cisco”.

R1(config)#username ccna privilege 15 secret cisco

Objective 7. – Configure the VTY lines 0 through 4 to authenticate using the local database and accept incoming connections using TELNET or SSH only.

R1(config)#line vty 0 4
R1(config-line)#login local
R1(config-line)#transport input telnet ssh
R1(config-line)#end
R1#
*Sep 20 19:27:56.315: %SYS-5-CONFIG_I: Configured from console by console
R1#

Now that you’ve completed all the objectives you’re ready to move onto Lab 13-2 – Installing the Cisco Security Device Manager GUI.

1 comment so far

Add Your Comment
  1. bjay said: April 28, 2012 3:21 AM

    thanks a million
    now that freeccna has help us achieve CCNA we need freeCCNP !!!

Your Comment