Configuring Security Device Manager 

These labs are not as good as the labs in our full blown CCNA Lab Workbook.  The labs in our full blown CCNA lab workbook include theory as we step you through each lab, detailed information on why you are entering each command and review questions and answers at the end of the labs.  So these labs are ok for free…but we offer a much better product consisting of 60 labs covering 400 pages of CCNA material to help you pass your CCNA Certification Exam in the workbook at this link CCNA Lab Workbook!


You can install and run SDM on a router that is already in use without disrupting network traffic, but you must ensure that a few configuration settings are present in the router configuration file

Access the CLI using Telnet or the console connection to modify the existing configuration before installing SDM on your router

1) Enable the HTTP and HTTPS servers on your router by entering the following commands in global configuration mode:

Router# configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

Router(config)# ip http server

Router(config)# ip http secure-server

Router(config)# ip http authentication local

Router(config)# ip http timeout-policy idle 600 life 86400 requests 10000

If the router supports HTTPS, the HTTPS server will be enabled. If not, the HTTP server will be enabled. HTTPS is supported in all images that support the Crypto/IPSec feature set, starting from Cisco IOS release 12.25(T).

2) Create a user account defined with privilege level 15 (enable privileges). Enter the following command in global configuration mode, replacing username and password with the strings that you want to use:

Router(config)# username username privilege 15 secret 0 password 

For example, if you chose the username cisco and the password ccna, you would enter:

Router(config)# username cisco privilege 15 secret 0 ccna

You will use this username and password to log in to SDM.

3) Configure SSH and Telnet for local login and privilege level 15. Use the following commands:

Router(config)# line vty 0 4

Router(config-line)# privilege level 15

Router(config-line)# login local

Router(config-line)# transport input telnet ssh(if ssh is not supported, leave off the ssh in this command) 

Router(config-line)# exit

If your router supports 16 vty lines, you can add the following lines to the configuration file:

Router(config)# line vty 5 15

Router(config-line)# privilege level 15

Router(config-line)# login local

Router(config-line)# transport input telnet ssh

Router(config-line)# exit


4) (Optional) Enable local logging to support the log monitoring function. Enter the following command in global configuration mode:

Router(config)# logging buffered 51200 warning

5) Enter the end command to leave configuration mode:

Router(config)# end


6)   Launch SDM.

7)   Enter the IP address of the pre-configured Ethernet Interface of on the router.

8)   It will bring up a browser screen asking you to input the IP address again.

9)   It will then prompt you for the username and password that you setup earlier.

10) It will prompt you again for your username and password.

11) You are in!

Feel free to browse around the GUI and menus.  The GUI will provide you ways to setup all of the labs we already have done via the SDM interface.  Now you can go back and redo all the labs using SDM.