3.router Basics Part II

Download as pdf or txt
Download as pdf or txt
You are on page 1of 11

Lab ID: 8.8K812A031.SAI1.

Stand-Alone Lab: Router Basics Part II


Objective
Learn how to properly congure a router. You would typically perform these types of tasks when setting up the
local area network (LAN) for a new ofce. Congure all three routers with basic settings: set the routers host
names, congure basic security, and congure a login banner.

Lab Topology
The topology in this lab contains three 2800 series Cisco routers.

S0/0/0

Router2

S0/0/1

S0/0/0

S0/0/0

Router1

Router3

Command Summary
Command

Description

banner login [delimiting-character message


delimiting-character]

congures a message that is displayed at user login attempts

banner motd [delimiting-character message


delimiting-character]

congures a message-of-the-day (MOTD) banner that can be


used to display a message at user login attempts

congure terminal

enters global conguration mode from privileged EXEC mode

enable

enters privileged EXEC mode

enable password password

sets the enable password

enable secret password

sets the enable secret password

end

ends and exits conguration mode

hostname host-name

sets the device name

line console 0

accesses console line conguration mode

line vty 0 4

enters conguration mode for virtual terminal (Telnet) lines

login

enables password checking

login local

changes a login user name

password password

species the password that is required for a user to log in

service password-encryption

applies encryption to all current and future passwords


congured on the device

show running-cong

displays the active conguration le

Boson NetSim Lab Manual

Lab Tasks
Task 1: Load the Initial Network Conguration
Make sure that the correct topology and conguration les for this lab are loaded. This will occur automatically
when you load this lab by using the Lab Navigator.

Task 2: Perform Initial Router Conguration


Congure basic security for Router1.
1.

From user EXEC mode, issue the enable command to enter privileged EXEC mode. Then congure a host
name of Router1 for the router.

2.

Congure an enable password of boson and an enable secret password of cisco on Router1.

3.

Test the passwords you congured by logging out of the router and then typing enable at the user
EXEC mode prompt. Try to use boson as the password to access privileged EXEC mode on Router1.
Authentication will fail because the enable secret password overrides the enable password. Therefore, if
both passwords are set, you must use the enable secret password to enter privileged EXEC mode. Enter
cisco to access Router1.

4.

Congure a password for Router1s console port by issuing the following commands:

Boson NetSim Lab Manual

5.

Test the passwords currently congured on Router1 by logging out of the router and then pressing the
ENTER key.

6.

Issue the show running-cong command to view the passwords congured on Router1. The following
sample output shows that the enable password and console password are stored in plain text. Conversely,
the enable secret password is stored in an encrypted form.

7.

Router1 can be congured to store current and future passwords in an encrypted form by using the
service password-encryption command. Issue the following commands to encrypt all current and future
passwords stored on Router1:

Boson NetSim Lab Manual

8.

Verify that the passwords congured on Router1 are not stored in plain text format.

9.

A Cisco device has the ability to be congured remotely by using a virtual terminal (vty) line. The line vty 0
4 command enables you to enter the conguration mode necessary to enable remote access to the device
and set remote access passwords. By default, the line vty password is stored as plain text. Congure a
password for Router1s vty lines by issuing the following commands:

Boson NetSim Lab Manual

10.

Issue the show running-cong command to view the password you congured for remote access. Note
that the vty password is stored in an encrypted form.

If service password encryption had not been congured on Router1, the password congured on the vty
lines would be displayed as shown below:


Boson NetSim Lab Manual

Task 3: Congure Banner Messages


Congure an MOTD banner and a login banner on Router1. Banners are used to display information about
devices or to display security messages.
1.

The banner motd command is used to congure a message that is displayed when a user accesses a
device. Issue the banner motd command followed by a delimiting character, and then press ENTER. Note
that the delimiting character should not be one you are going to use within the message. Type the text of
the message you want to display; use This device is used to route trafc between departments. Next,
type the delimiting character so the router knows when you are nished entering text for the banner; use #
as the delimiting character.



2.

To view the banner, exit global conguration mode and exit the router. Press ENTER to display the banner.

3.

The banner login command is used to display a login message. This message is displayed when a device
is congured to require a user name and password. Congure You must be an authorized user to
access this device as the login banner on Router1; use $ as a delimiting character. Use MyName as the
user name and cisco as the password.

Boson NetSim Lab Manual

4.

Enter the following commands to view the banners congured on Router1. Note that when the login banner
and the MOTD banner are both congured, the MOTD banner is displayed rst, followed by the login
banner.

Task 4: Perform Initial Router Conguration


In this task, you will congure basic security and banners for Router2 and Router3.
1.

Congure Router2 with a host name of Router2 and Router3 with a host name of Router3. Then congure
boson as an enable password and cisco as an enable secret password on both routers. Which password
will be required the next time you issue the enable command to access privileged EXEC mode on Router2
or Router3? __________________________________________________________________________

2.

Congure cisco as a password for the console port of Router2 and Router3.

3.

On Router2, issue the show running-cong command to view the congured passwords. How are the
passwords displayed in the running conguration displayed? ____________________________________

4.

Congure Router2 and Router3 to store all current and future passwords in an encrypted form.

5.

Issue the commands necessary to enable remote access on Router2 and Router3. Use cisco as the
password where appropriate. How many simultaneous remote access sessions using Telnet can Router2
support? _____________________________________________________________________________
In what form will the password you congured in this step be stored in the running conguration? _______
____________________________________________________________________________________

Task 5: Congure Banner Messages


Congure an MOTD banner and a login banner on Router2 and Router3. Banners are used to display information
about devices or to display security messages.

1.

Congure This device is used to route trafc between departments as a message that will be displayed
when a user accesses Router2 and Router3. Use # as a delimiting character.

2.

Congure Router2 and Router3 to require a user name of MyName and a password of cisco to log in to
the console port. Congure You must be an authorized user to access this device as a login banner on
both routers. Use $ as a delimiting character.

Boson NetSim Lab Manual

Lab Solutions
Task 1: Load the Initial Network Conguration
No solution is required.

Task 2: Perform Initial Router Conguration


No solution is required.

Task 3: Congure Banner Messages


No solution is required.

Task 4: Perform Initial Router Conguration


1.

You should issue the following commands to congure Router2 and Router3 with the appropriate host
names and passwords. The enable secret password will be required the next time you issue the enable
command to access privileged EXEC mode on Router2 or Router3.

2.

You should issue the following commands to congure cisco as a password for the console port of Router2
and Router3:

Boson NetSim Lab Manual

3.

When you issue the show running-cong command to view the passwords congured on Router2, you
should receive the output displayed below with the enable password and console password stored in plain
text. The enable secret password is stored in an encrypted form.

4.

You should issue the service password-encryption command to store all current and future passwords
on Router2 and Router3 in an encrypted form.


5.

A Cisco device has the ability to be congured remotely using a virtual terminal line. The line vty 0 4
command enables you to enter the conguration mode necessary to enable remote access to the device
and set the remote access password. By default, the line vty password is stored as plain text. However,
the password congured on the vty lines in this step will be stored in an encrypted form because service
password encryption has been enabled. Router2 and Router3 can support ve simultaneous remote
access sessions using Telnet. Issue the following commands to enable remote access on both routers:

Boson NetSim Lab Manual

Task 5: Congure Banner Messages


1.

On Router2 and Router3, you should issue the following commands to congure the MOTD banner. The
MOTD banner is displayed when a user accesses a device.




2.

On Router2 and Router3, you should issue the following commands to congure the login banner:

10

Boson NetSim Lab Manual

Sample Conguration Script


Router1

Router1 (continued)


Copyright 19962012 Boson Software, LLC. All rights reserved. NetSim software and documentation are protected by copyright law.

11

Boson NetSim Lab Manual

You might also like