In this CCNA lab series we will learn how to secure our Router Console port and the Terminal sessions. I am going to set up my lab using Packet tracer 5.0, which is one of the best Router simulator available for practice and experiments. Before going through this hands on session, please check my article on Cisco IOS commands, this will give you brief idea about all the commands available in different different modes. Also, you can refer my article on Subnetting, this will help you to understand the IP addressing of the network devices.
Okay ! lets first set up our virtual lab.I am using a simple network architecture where I have taken 2 routers (R1 and R2) , 1 Switch SW1 and 3 Workstations (PC-1 and PC-2 and Router Console. In this scenario we will secure our Router R1.
All configuration commands have been mentioned in the network diagram.
CONFIGURATION
In R1:
1) we have assigned ip address to the serial port and the fast Ethernet port. In serial port, we also declared the clock rate speed , which is mandatory for all serial clock links.
2)After that, we have set console password as "cisco".
3) Then we have set password for Telnet sessions.
here the user mode password is "habib" and the enable encrypted password is "enaa".
Note: Routers support 5 telnet sessions and same password used for all.
In R2:
1)In R2, we have assigned ip address to the serial link and set the clock speed as 64000.
VERIFICATION
Console security:
To check, try to login to terminal session of router R1 via Router Console (which is directly connected to R1). Here the password to login is "cisco".
Terminal Security:
Try to launch a telnet session from PC-1 (commands are shown in the diagram)
first it will ask password for user mode(password is habib)
and then it will ask password for enable mode (password is enaa)
Hope you enjoyed reading this post. Let me know if have any suggestions or comments. I will be more than happy to include more advanced topics in future posts. Thank you !
Okay ! lets first set up our virtual lab.I am using a simple network architecture where I have taken 2 routers (R1 and R2) , 1 Switch SW1 and 3 Workstations (PC-1 and PC-2 and Router Console. In this scenario we will secure our Router R1.
All configuration commands have been mentioned in the network diagram.
In R1:
1) we have assigned ip address to the serial port and the fast Ethernet port. In serial port, we also declared the clock rate speed , which is mandatory for all serial clock links.
2)After that, we have set console password as "cisco".
3) Then we have set password for Telnet sessions.
here the user mode password is "habib" and the enable encrypted password is "enaa".
Note: Routers support 5 telnet sessions and same password used for all.
In R2:
1)In R2, we have assigned ip address to the serial link and set the clock speed as 64000.
VERIFICATION
Console security:
To check, try to login to terminal session of router R1 via Router Console (which is directly connected to R1). Here the password to login is "cisco".
Terminal Security:
Try to launch a telnet session from PC-1 (commands are shown in the diagram)
first it will ask password for user mode(password is habib)
and then it will ask password for enable mode (password is enaa)
Hope you enjoyed reading this post. Let me know if have any suggestions or comments. I will be more than happy to include more advanced topics in future posts. Thank you !
No comments:
Post a Comment