A guide to preparing for and using the BRST to successfully create and load a the secure configuration file.
The Border Router Security Tool (BRST) is a free, open source, web based utility which asks for some information about your router and generates a recommended secure configuration file when you submit the information.
- Step 1: Create a backup file of the router's current configuration.
- Step 1a: Making a backup file of the router's current configuration:
- Step 1b: In your terminal emulation software, start a log file capture, then do a show run. Save the file created (Be sure to name the file with a .txt extension and save it to a location you'll remember).
- Step 1b1: If using TeraTerm, go to File, then Log in the menu. (Remember where you saved it and the name).
- Step 1b2: Make sure you're captured your entire configuration file.
- Step 1c: When using this method of backing up, you will have --more-- several times in the captured file. You will have to delete the lines that say --more-- before reusing the configuration.
- Step 1d: Depending on what you typed while doing this, you may also have additional text or output to remove at the top and bottom of the configuration.
- Step 2: Test that your backup configuration file works (complete steps 8 through 16 below with your existing configuration file prior to continuing).
- Step 3: Enter the information requested in the Normal or Advanced web form then click [Submit].
- Step 4: In your browser, select the text from the !Start Copying Config File Here! to the !Stop Copying Config File Here! labels.
- Step 5: Copy the selected text to the Windows, or Linux clipboard by right clicking and selecting "copy" or hitting Ctrl-C.
- Step 6: Open Notepad or the text editor or your choice and copy the contents into the text file.
- Step 7: Save a copy of the text file in a safe place, preferably in a place where it is backed up to backup media.
- Step 8: Clear your configuration by being in configure mode and typing write erase then reload.
- Step 9: Select and copy the contents of the text file to the Windows or Linux clipboard again, unless it's still there from before.
- Step 10: Open a terminal emulator such as Putty or TeraTerm and connect to your router via the Console port.
- Step 11: Once connected, paste the generated configuration file directly into the console.
- Step 12: Watch for any errors during the copying of the configuration file.
- Step 13: If there were no errors, type wr mem (write memory), or use the "official" command copy running-configuration startup-configuration and hit <enter>. You're done!
- Step 14: If there were errors, read them and search for answers (Google is your friend).
- Step 15: If the errors don't impact the functionality or security of your router, do Step: 13 above.
- Step 16: If the errors are serious, or your router won't function without resolving them, copy your original configuration file back onto the router, and try again when you find a solution.