Network Infrastructure Configuration: Routers, Switches, and Firewalls

Configuring enterprise routers requires establishing system identification, interface parameters, routing protocols, and secure management channels. The following examples demonstrate a standardized CLI approach for deploying core routing functionality.

# System Identification
set system host-name Edge-Router-01

# Interface & Gateway Setup
configure interface GigabitEthernet0/0/1
 assign ipv4-address 192.168.10.1 255.255.255.0
 activate

set routing default-gateway 192.168.10.254

# Static & Dynamic Routing
set routing static-route 10.50.0.0/16 via 192.168.10.254

enable routing-protocol ospf process-id 100
 set router-id 1.1.1.1
 advertise network 192.168.10.0/24 area 0

enable routing-protocol bgp as-number 65001
 configure neighbor 203.0.113.2 as 65002
 announce network 198.51.100.0/24

# Secure Remote Access & Monitoring
enable remote-access ssh
 generate rsa-keypair 2048-bit
 create local-user netadmin role ssh-access

configure snmp community public-mib access read-only view standard-mib
 set snmp protocol-version v2c

Switch Management & Operations

Layer 2 switches handle MAC address learning, frame forwarding, and traffic segmentation. Proper configuration involves VLAN assignment, link aggregation, spanning tree optimization, and management plane hardening.

# VLAN & Port Configuration
create vlan 20 name User-Network
configure port FastEthernet0/1
 set speed 1000mbps
 set duplex full
 assign vlan 20

# Link Aggregation (EtherChannel Equivalent)
configure port GigabitEthernet0/2
 set aggregation-group 5 mode active
configure port GigabitEthernet0/3
 set aggregation-group 5 mode active

# Layer 2 Control & Trunking
configure port GigabitEthernet0/24
 set link-type trunk
 permit vlan 10,20,30
enable spanning-tree protocol rapid-pst
 set root-priority 4096

# Management & Monitoring
create vlan-interface 99
 assign ipv4-address 172.16.100.50/24
configure snmp community mon-access access read-write
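
The SNMP lines in the router and switch listings above are the part of the management plane most worth checking before deployment: SNMP v2c carries the community string in cleartext, and a read-write community lets anyone who holds that string change device settings. The following is an added example, not part of the original listings: a small audit script that flags those settings. It assumes the generic CLI syntax shown on this page; the finding codes, function names, and the rule that a community name starting with "public" or "private" is guessable are choices made for this example.

```python
import re

# Constructed sample: management-plane lines copied from the router and
# switch listings on this page, keyed by device ("switch" is a placeholder name).
SAMPLE = {
    "Edge-Router-01": """\
enable remote-access ssh
configure snmp community public-mib access read-only view standard-mib
 set snmp protocol-version v2c
""",
    "switch": """\
create vlan-interface 99
configure snmp community mon-access access read-write
""",
}

COMMUNITY = re.compile(
    r"^configure snmp community (?P<name>\S+) access (?P<access>read-only|read-write)"
    r"(?: view (?P<view>\S+))?\s*$")
VERSION = re.compile(r"^set snmp protocol-version (?P<ver>\S+)\s*$")


def audit(config):
    """Return a sorted list of (line_number, finding_code) for one config."""
    findings = []
    for num, raw in enumerate(config.splitlines(), start=1):
        line = raw.strip()
        m = COMMUNITY.match(line)
        if m:
            if m["access"] == "read-write":      # community can change settings
                findings.append((num, "SNMP-WRITE-ACCESS"))
            if m["view"] is None:                # no MIB view restricts the scope
                findings.append((num, "SNMP-NO-VIEW"))
            if m["name"].lower().startswith(("public", "private")):
                findings.append((num, "SNMP-GUESSABLE-COMMUNITY"))
        m = VERSION.match(line)
        if m and m["ver"].lower() in ("v1", "v2c"):  # community sent in cleartext
            findings.append((num, "SNMP-CLEARTEXT-VERSION"))
    return sorted(findings)


def audit_all(configs):
    """Audit several named configs; devices without findings are omitted."""
    results = {name: audit(text) for name, text in configs.items()}
    return {name: found for name, found in results.items() if found}


if __name__ == "__main__":
    for device, found in audit_all(SAMPLE).items():
        for num, code in found:
            print(f"{device}: line {num}: {code}")
```
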

Firewall Security & Policy Enforcement

Firewalls enforce traffic filtering, stateful inspection, and address translation. Configuration focuses on defining access control lists, security zones, NAT rules, and comprehensive logging for audit trails.

# Access Control & Security Zones
define access-rule 101
 match source-address 10.0.0.0/8
 match destination-address 172.16.50.0/24
 match protocol tcp dst-port 443
 action permit

create security-policy Web-Traffic
 match zone Internal to zone External
 apply rule 101
 enforce action allow

# Network Address Translation
define nat-rule src-translate-01
 match original-source 10.0.0.0/24
 match original-dest any
 transform source to 203.0.113.5

# Auditing & Alerting
enable system-logging
 set log-level informational
 forward logs to syslog-server 10.0.0.50
configure alert-threshold connection-limit 5000

Tags: network-administration router-configuration switch-management firewall-security vlan

Posted on Thu, 14 May 2026 09:03:42 +0000 by colbyg