How do I learn how to use a Cisco Router?
November 18, 2009 10:26 AM   Subscribe

How do I learn how to use a Cisco Router?

I arrived at my new job as a sysadmin for a small non-profit just after they had paid a consultant to upgrade their basic network infrastructure. One of the results of this upgrade is a Cisco 1812 Integrated Services Router that acts as our router/firewall/vpn. The router has been working fine since the install.

The problem is that I don't really understand the device and how to properly configure/troubleshoot it should changes need to be made. Of course I can pay the original consultant to come in any time I need a change but at $100/hour things get expensive very quickly. I have the user manual but it's seems to be written for someone who already knows how to use a Cisco product.

So, on to my question. How do I best go about learning how to use this device and leverage all of its bells and whistles? I'm not interested in learning how to configure an Enterprise Data Center (which seems to be how most Cisco documentation is directed) I just need to make this black box a little more transparent.
posted by talkingmuffin to Computers & Internet (12 answers total) 1 user marked this as a favorite
 
I started working in Network Operations for a fairly large regional bank whose network was completely comprised of Cisco hardware, despite having no significant experience with Cisco hardware.

I found O'Reilly's Cisco IOS In A Nutshell to be of inestimable value.

You might want to investigate the various training materials for the CCNA (Cisco Certified Network Associate) exam.

I would also recommend hitting up ebay to get an old, secondhand cisco router of some variety so that you can practice with impunity.
posted by namewithoutwords at 11:00 AM on November 18, 2009


I used to be Cisco small business certified and there were all kinds of online classes available on their web site to learn networking. This was about 9 years ago, but I imagine they still offer that sort of help to their customers and partners.

Worst case, any general networking / networking security book should help. At a certain level, a router is a router and a firewall is a firewall. The basics should apply the same regardless of the brand of product.
posted by COD at 11:03 AM on November 18, 2009


Prayer helps a lot with Cisco.
posted by bz at 11:10 AM on November 18, 2009 [2 favorites]


I appreciate the humour bz but is it really that bad?
posted by talkingmuffin at 11:35 AM on November 18, 2009


I would definitely look into CCNA training materials. A lot of books come with router/switch simulation software that you can practice with which are incredibly helpful. You can also get some Cisco gear dirt cheap on ebay if you want to practice with the real thing.
posted by zennoshinjou at 11:42 AM on November 18, 2009


You now what? I shouldn't have been flippant and I immediately regretted posting that.

But, yeah, for me Cisco, or any professional routing products, really, are really tough for me to to understand. I am technically oriented but apparently have no aptitude for routers or the language used to describe their functionality. They are really arcane to me.

You, on the other hand, may have a perfectly fine time with them.
posted by bz at 11:45 AM on November 18, 2009


I would also recommend hitting up ebay to get an old, secondhand cisco router of some variety so that you can practice with impunity.

You could do that, you can also play around with virtual router simulators on a spare PC.
posted by Burhanistan at 12:26 PM on November 18, 2009


I would also recommend hitting up ebay to get an old, secondhand cisco router of some variety so that you can practice with impunity.

That was my first thought. the upfront price can be costly, but something like this will give your the hardware you need for a test environment to run your own labs (that's the first hit I got off "ccna").

When I was going through Cisco training back in the day, 2 PCs, 3 routers, and a few switches (just those basic 5-port netgear boxes) were enough to at least get some basics for IOS programming and getting the machines to talk to eachother. That setup allowed setting up eth0 interfaces, firewall rules, routing tables console connection, port configurations, etc. Maybe not enough knowledge gathered for a full-scale deployment, but it was a decent way to get the basics to understand what the production box's telling me.

But, yeah, for me Cisco, or any professional routing products, really, are really tough for me to to understand. I am technically oriented but apparently have no aptitude for routers or the language used to describe their functionality. They are really arcane to me.

Yea, to each their own. While I don't work on Cisco equipment at work (it can be hard to justify the cost premium), the CLI and I were in union when I was doing Cisco stuff. I LOVED playing with Cisco equipment and the stuff made perfect logical sense to me.
posted by jmd82 at 1:53 PM on November 18, 2009


This is a good resource for general networking knowledge, which you will need in order to understand the user manuals. The site also has a virtual lab, but I have never tried using it so I can't give a review of that.

The Cisco books are good, but if you're the type who learns better in a classroom environment, you may want to see if your local community college offers Cisco Networking Academy courses.
posted by cottonswab at 2:03 PM on November 18, 2009


Small non-profit? Contact United Way to see if they know of volunteers with expertise, who may give you consultation/training. Look for a Cisco Users Group; people who can help you out with weird urgent questions.
posted by theora55 at 6:05 PM on November 18, 2009


The thing about IOS is that it's all command lines, like an old-school config.sys file. And like those files of old, you have to have each line properly configured or else it won't work or will cause %bad_thing%.

You need the book "Network Warrior. Need. Yes, need. Go. Now.

Not only will it teach you the hows, it will give you a good understanding of the "why". It's essential reading for new network admins and better than anything recommended thus far. You can even get a version for your iphone.

Here's the short list of to-do's:

1) Install a TFTP client on your PC. I use the free solar winds one because it's free.
2) Log into the unit (telnet probably) and download the running config. (this is also how you will back up the IOS and config)
3) Take a copy of the config, a copy of that book, and a copy of the router guide and go through it line by line to get a feel for what it's doing.
4*) If you didn't use SSH in step 2, figure out how to set it up. It's easy, improves security, and will get you more familiar with the CLI.

The problem is that I don't really understand the device and how to properly configure/troubleshoot it should changes need to be made.

What changes? Most of the time, the device config will remain static and you only need to check the logs. For the most part cisco hardware is binary - either it "just works" or it doesn't power up (or has some other massively obvious flaw). AFAIK on the 1800 series, other than a line card and memory there aren't any field replaceable parts. As long as you have the proper support from cisco you can have them double check your proposed changes. (You should have received a TAC support contract with the purchase; if not get yours setup ASAP). TAC is ridiculously useful and should be used often.

Barring hardware issues, the biggest "troubleshoot" issues you'll probably run into are firewall rule changes and IOS upgrades. Too big a subject for me to get into, but keep those in mind while you self-train.
posted by anti social order at 5:55 AM on November 19, 2009


In case anyone comes back to this question I should mention that I decided to remove the Cisco 1812 appliance. I added new hard drives to a older server we had lying around and installed Endian UTM.

So far I'm at 140 days of uptime with nary a problem. The software is easy to install, configure and maintain and it's linux based which means I have some idea of what's going on under the hood. In addition it offers features that the old Cisco device didn't such as traffic monitoring, SPAM filters and anti-virus scanning.

Endian is now the recipient of talkingmuffin's Seal of Approval (tm).
posted by talkingmuffin at 10:04 AM on May 27, 2010


« Older Talk me out of paying for a dedicated server!   |   Combining two clips into one (side-by-side not... Newer »
This thread is closed to new comments.