Aug 17, 2009

Advanced Password Cisco Router Configuration

To secure your router, you need configurable the password on your router. The password must be difficultly to guess. On Cisco Router, you can configure the password for line console, vty (telnet service) and password to access to EXEC mode. In turn, I will show you how to configure the password for three mode as mentioned above.

1. Console port for login local to the Router, the terminator must be attached directly to Router through this console port. To configure password for console port, you must execute the following command in Configuration mode
line console 0
password cisco
login

Password is cisco
2. Line VTY is responsible for enable the Telnet service on the Router. Execute the following command in Configuration mode
line vty 0 4
password cisco
login

To indicate specially the username and password for each user to telnet to the Router, you can configure a username and a password. To do this, execute the follwing command in Configuration Mode:
username thaolv password 0 thaolv
line vty 0 4
login local
exit

After this, you can telnet to this Rotuer by provide your username and password that configured. Here is the username: thaolv and password: thaolv
3. Enabling password for EXEC mode, you must execute the following command in Configuration mode:
enable secret cisco
By default, Password for the EXEC mode is encrypted in MD5 algorithm, Password for the line VTY and the line Console is not encrypted, but you can configure to encrypt these password by following command in Configuration mode:
service password-encryption
Now, your password for the line VTY and the line Console is encrypted in MD7 algorithm. Verify this by execute the following command in EXEC mode:

show running-config

R2#show run
Building configuration...

Current configuration : 893 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname R2
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
!
!
ip cef
!
!
!
username thaolv privilege 15 password 7 09584608160901
!
!
!
interface Loopback0
ip address 2.2.2.2 255.255.255.0
!
interface Serial0/0
ip address 172.16.1.2 255.255.255.252
ip rip receive version 1 2
serial restart-delay 0
clock rate 64000
!
interface Serial0/1
no ip address
shutdown
serial restart-delay 0
!
interface Serial0/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial0/3
no ip address
shutdown
serial restart-delay 0
!
router rip
version 2
passive-interface Loopback0
network 2.0.0.0
network 172.16.0.0
no auto-summary
!
ip http server
!
!
!
!
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
login local
!
end



Author : Lâm Viết Thảo // 11:03 PM
Category:

0 comments:

Post a Comment

Comment if you have any question. Do not spam

 
Powered by Blogger.