Module-3

Device Configuration
 Module-3: Device Configuration
• Common issues in installing or configuring
information security devices
• Methods to resolve these issues
• Methods of testing installed/configured
information security devices
Common Router problems and solutions

1. Correct your Wi-Fi Security Settings

2. Update your Hardware or Firmware
3. Fix Overheating or Overloading
4. Remove MAC Address Restrictions
5. Check Wireless Signal Limitations
 Common Router problems and solutions

1. Correct your Wi-Fi Security Settings

– Network Mode: The router must be allowed to
accommodate all Wi-Fi models used by network clients.
For example, routers designed to run in 802.11g mode only
will not support 802.11n or old 802.11b devices. Adjust the
router to run in mixed mode to remedy this kind of
network failure.
– Security mode: Most Wi-Fi devices support
several network security protocols (typically different
variations of WEP(Wired Equivalent Privacy) and
WPA(Wireless Protected Access)). All Wi-Fi devices,
including routers belonging to the same local network,
shall use the same protection mode.
Common Router problems and solutions

Correct your Wi-Fi Security Settings

– Security key: Wi-Fi security keys are phrases or
sequences of letters and digits. All devices that
enter the network must be configured to use the
Wi-Fi key recognized by the router (or wireless
access point).
– WPA3 Personal
– WPA2/WPA3 Transitional – Mixed mode
– WPA2 Personal (AES)
Common Router problems and solutions

2. Update your Hardware or Firmware

– The reason for this step is twofold. You can take
benefit of any additional features and
improvements of the new version of the firmware.
Also, your router will normally receive any critical
security updates.
– Typically, you will have the choice of checking,
evaluating, downloading, and installing the latest
firmware on your router's administration tab. The
exact steps depend on the make and model of your
router, so check the specifics of the router
manufacturer's support site.
Common Router problems and solutions

3. Fix Overheating or Overloading

– You can set up a different Wi-Fi router or allow the
"Guest Network" option for your router.
– You can also set up a separate SSID and password for
your host network to avoid issues with your main
network.
– This segregation would also work with your smart
appliances and secure your key devices from attacks on
the Internet of Things.
– You can also use QoS (Quality of Service). QoS is a
feature on some routers that lets you prioritize traffic
according to the type of data being transmitted.
Common Router problems and solutions

4. Remove MAC Address Restrictions

– A number of network routers support a function
called MAC address filtering.
– While disabled by default, router administrators
can turn this function on and limit connections to
only those devices by their MAC address number.
– Check the router to ensure that either the MAC
address filtering is off or the MAC address of the
computer is included in the list of allowed
connections.
Common Router problems and solutions

5. Check Wireless Signal Limitations

– If you have a newer router, check if it supports the
5GHz band. Newer routers typically have dual-
band capabilities.
– By allowing dual bands, you could hold older
devices that only support slower G specification
on the 2.4GHz band and newer devices on the
beefier and faster 5GHz band.
– Essentially, this is like having two routers in one.
 Common Router problems and solutions
• Basic Faults
- Physical Layer Stuff
- Check the Interfaces
- Ping
- Check the Routing Table
- Is there a Firewall on the Computer?
- Any Access Lists?
- Is the VPN Up?
- Do the Protocols Match?
- Check for Human Error
- Verify Settings
Common Router problems and solutions

• Physical Layer Stuff:

– Check power issues. Look for power lights, check
plugs, and circuit breakers.
• Check the Interfaces:
– Use the command show ip interface brief or show
ipv6 interface brief to ensure that desired
interfaces are up and configured properly.
Common Router problems and solutions

• Ping:
– Use the ping and trace commands to check for
connectivity.
• Check the Routing Table:
– Use the show ip route or show ipv6 route
command to find out what the router knows. Is
there either an explicit route to the remote
network or a gateway of last resort?
Common Router problems and solutions

• Is there a Firewall on the Computer?

– If the problem involves a computer, check to
ensure that its firewall is not blocking packets.
– Sometimes there are computers at client locations
with firewalls in operation without the client’s
knowledge.
Common Router problems and solutions

• Any Access Lists?

– If the above steps don’t resolve the issue, check
for access-control lists that block traffic.
– There is an implicit “deny any” at the end of every
access-control list, so even if you don’t see a
statement explicitly denying traffic, it might be
blocked by an implicit “deny any.”
Common Router problems and solutions

• Is the VPN Up?

– If a VPN is part of the connection, check to ensure
that it is up. Use the show crypto family of
commands to check VPN connections.
– With VPN connections, each end of the
connection must mirror the other.
– For example, even something as seemingly
inconsequential as a different timeout value or a
different key lifetime can prevent a connection.
Common Router problems and solutions

• Do the Protocols Match?

– If you are trying to gain remote access to a server,
ensure that it supports the protocol you’re attempting
to use.
– For example, if the router hasn’t been configured to
support SSH and you use the default settings in PuTTY
which call for SSH, you won’t be able to connect.
– Also, some admins change the default port numbers,
so you may expect to use port 22 with SSH, but the
admin may have configured it to use a non-standard
port.
Common Router problems and solutions

• Check for Human Error:

– User errors can also be the source of errors. Check
to ensure that correct usernames and passwords
are being used, that you and the admin on the
other end of the connection are using the same
network addresses and matching subnet masks.
• Verify Settings:
– Do not make assumptions. Verify everything!
 Router Troubleshooting Tools
• Using Router Diagnostic Commands
– Cisco routers provide numerous integrated
commands to assist you in monitoring and
troubleshooting your internetwork.
 Router Troubleshooting Tools
• Using show Commands
– The show commands are powerful monitoring and
troubleshooting tools.
• Monitor router behaviour during initial installation
• Monitor normal network operation
• Isolate problem interfaces, nodes, media, or
applications
• Determine when a network is congested
• Determine the status of servers, clients, or other
neighbours
 Router Troubleshooting Tools
• Using debug Commands
– The debug privileged exec commands can provide a
wealth of information about the traffic being seen (or
not seen) on an interface, error messages generated
by nodes on the network, protocol-specific diagnostic
packets, and other useful troubleshooting data.
– In many situations, using third-party diagnostic tools
can be more useful and less intrusive than using
debug commands.
– Debug ip multicast redundancy
– Debug ip http url
 Router Troubleshooting Tools
• Using the ping Command
– To check host reachability and network connectivity, use the
ping exec (user) or privileged exec command.
– After you log in to the router or access server, you are
automatically in user exec command mode. The exec
commands available at the user level are a subset of those
available at the privileged level.
– In general, the user exec commands allow you to connect to
remote devices, change terminal settings on a temporary
basis, perform basic tests, and list system information.
– The ping command can be used to confirm basic network
connectivity on AppleTalk, ISO Connectionless Network
Service (CLNS), IP, Novell, Apollo, VINES, DECnet, or XNS
 Router Troubleshooting Tools
• Using the trace Command
– The trace user exec command discovers the
routes that a router’s packets follow when
traveling to their destinations.
– The trace privileged exec command permits the
supported IP header options to be specified,
allowing the router to perform a more extensive
range of test options.