Professional Documents
Culture Documents
Version I?.
WIVZMGI XMQIWXEQTW HIFYK YTXMQI
WIVZMGI XMQIWXEQTW PSK YTXMQI
RS WIVZMGI TEWW[SVHIRGV]TXMSR
LSWXREQI 6SYXIV
MT WYFRIX^IVS
SYXTYX SQMXXIH"
6 Boson NetSim Lab Manual
7. Finally, type one of the commands that will log you out of the router.
6SYXIVI\MX
or
6SYXIVHMWEFPI
Task 4: Congure Basic Security
Congure basic security for Router1.
1. From user EXEC mode, issue the enable command to enter privileged EXEC mode.
6SYXIV"IREFPI
6SYXIV
2. Basic router security is congured from global conguration mode. To enter global conguration mode on
Router1, you must issue the congure terminal command from privileged EXEC mode.
6SYXIVGSRJMKYVI XIVQMREP
6SYXIVGSRJMK
3. When you log in to the router, the host name is displayed in front of the prompt (either the " or the
prompt). The host name of a router is typically congured to enable you to determine the routers location
or function within the network. In this lab, you will congure the routers host name as Router1.
Router(config)=hostname RouterI
RouterI(config)=
4. The enable password controls access to privileged EXEC mode. This is a very important password
because, when it is congured, only those who know the password can access privileged EXEC mode to
make conguration changes. Issue the command necessary to set Router1s enable password to boson.
RouterI(config)=enable password boson
5. Test the password. Exit the router, and try to enter privileged EXEC mode. Notice that you have to enter
boson as the password in order to enter privileged EXEC mode.
RouterI(config)=exit
6SYXIVI\MX
6SYXIV"IREFPI
4EWW[SVHFSWSR
6SYXIVGSRJMKYVI XIVQMREP
RouterI(config)=
7 Boson NetSim Lab Manual
6. The enable password is stored as plain text in the routers conguration le. Because an enable password
is not encrypted, it is more secure to congure an encrypted password to control access to user EXEC
mode on a router. The enable secret password command stores the password in an encrypted form. Issue
the enable secret cisco command on Router1 to set the enable secret password to cisco.
RouterI(config)=enable secret cisco
7. Test this password by logging out of the router and then typing enable at the user EXEC mode prompt.
Try to use boson as the password to access privileged EXEC mode on Router1. Authentication will fail,
because the enable secret password overrides the enable password. Therefore, if both enable passwords
are set, you must use the enable secret password to enter privileged EXEC mode. Enter cisco to access
Router1.
RouterI(config)=exit
6SYXIVI\MX
6SYXIV"IREFPI
4EWW[SVHFSWSR
%YXLIRXMGEXMSR JEMPIH
4EWW[SVHGMWGS
6SYXIV
8. You can connect to a Cisco device remotely by using a protocol such as Telnet or locally by using a
console connection. Physical access is necessary to connect to the console connection on a Cisco device.
You should issue the following commands to congure a password for Router1s console connection:
6SYXIVGSRJMKYVI XIVQMREP
Enter configuration commands, one per line. End with CNTL/Z.
RouterI(config)=line console 0
RouterI(config-line)=login
PSKMR HMWEFPIH SR PMRI YRXMP TEWW[SVH MW WIX
RouterI(config-line)=password cisco
9. Test this password by logging out of the router and then pressing ENTER. With the console password
congured, you are required to provide a password before you can access user EXEC mode.
RouterI(config-line)=end
6SYXIVHMWEFPI
6SYXIV"I\MX
6SYXIV GSR MW RS[ EZEMPEFPI
4VIWW 6)8962 XS KIX WXEVXIH
4EWW[SVHGMWGS
6SYXIV"
8 Boson NetSim Lab Manual
10. Issue the enable command, and provide the password required to access privileged EXEC mode.
6SYXIV"IREFPI
4EWW[SVHGMWGS
6SYXIV
11. Sample conguration scripts are provided at the end of labs so that you can review the congurations
performed in the lab. You should note that the sample conguration script in this lab displays the plain
text enable password boson, the plain text console password cisco, and the encrypted enable secret
password cisco. The sample conguration script in this document is a copy of the show running-cong
command output from Router1 as it was displayed in NetSim when this document was created. The output
you receive may vary slightly.
9 Boson NetSim Lab Manual
Sample Conguration Script
Router1
Router1#show running-cong
Building conguration...
!
Version 12.3
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Router1
enable secret 5 $sdf$6978yhg$jnb76sd
enable password boson
!
ip subnet-zero
!
interface Serial0/0/0
no ip address
no ip directed-broadcast
shutdown
!
interface Serial0/0/1
no ip address
no ip directed-broadcast
shutdown
!
interface FastEthernet0/0
no ip address
no ip directed-broadcast
shutdown
!
interface FastEthernet0/1
no ip address
no ip directed-broadcast
shutdown
!
ip classless
no ip http server
!
line con 0
login
password cisco
line aux 0
line vty 0 4
!
no scheduler allocate
end
Copyright 19962012 Boson Software, LLC. All rights reserved. NetSim software and documentation are protected by copyright law.