Free Cisco CCNA v7 SDM Configuration


Configuring Security Device Manager

Here you will find various Cisco CCNA 200-301 labs we have decided to provide FREE to you!  These labs were created and we felt they were not advanced enough for our CCNA Lab Workbook.  They are either not complex enough, do not cover multiple concepts, or do not have enough commentary explaining what we want to accomplish in each lab and why you are doing each step.  These labs are basically just simple configurations and not what we would really call labs. Why? Because they do not really help you learn.

You can install and run SDM on a router that is already in use without disrupting network traffic, but you must ensure that a few configuration settings are present in the router configuration file

Access the CLI using Telnet or the console connection to modify the existing configuration before installing SDM on your router

1) Enable the HTTP and HTTPS servers on your router by entering the following commands in global configuration mode:

Router# configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

Router(config)# ip http server

Router(config)# ip http secure-server

Router(config)# ip http authentication local

Router(config)# ip http timeout-policy idle 600 life 86400 requests 10000

If the router supports HTTPS, the HTTPS server will be enabled. If not, the HTTP server will be enabled. HTTPS is supported in all images that support the Crypto/IPSec feature set, starting from Cisco IOS release 12.25(T).

2) Create a user account defined with privilege level 15 (enable privileges). Enter the following command in global configuration mode, replacing username and password with the strings that you want to use:

Router(config)# username username privilege 15 secret 0 password 

For example, if you chose the username cisco and the password ccna, you would enter:

Router(config)# username cisco privilege 15 secret 0 ccna

You will use this username and password to log in to SDM.

3) Configure SSH and Telnet for local login and privilege level 15. Use the following commands:

Router(config)# line vty 0 4

Router(config-line)# privilege level 15

Router(config-line)# login local

Router(config-line)# transport input telnet ssh(if ssh is not supported, leave off the ssh in this command)

Router(config-line)# exit

If your router supports 16 vty lines, you can add the following lines to the configuration file:

Router(config)# line vty 5 15

Router(config-line)# privilege level 15

Router(config-line)# login local

Router(config-line)# transport input telnet ssh

Router(config-line)# exit


4) (Optional) Enable local logging to support the log monitoring function. Enter the following command in global configuration mode:

Router(config)# logging buffered 51200 warning

5) Enter the end command to leave configuration mode:

Router(config)# end


6)   Launch SDM.

7)   Enter the IP address of the pre-configured Ethernet Interface of on the router.

8)   It will bring up a browser screen asking you to input the IP address again.

9)   It will then prompt you for the username and password that you setup earlier.

10) It will prompt you again for your username and password.

11) You are in!

Feel free to browse around the GUI and menus.  The GUI will provide you ways to set up all of the labs we already have done via the SDM interface.  Now you can go back and redo all the labs using SDM.