3.router Basics Part II
3.router Basics Part II
3.router Basics Part II
Lab Topology
The topology in this lab contains three 2800 series Cisco routers.
S0/0/0
Router2
S0/0/1
S0/0/0
S0/0/0
Router1
Router3
Command Summary
Command
Description
congure terminal
enable
end
hostname host-name
line console 0
line vty 0 4
login
login local
password password
service password-encryption
show running-cong
Lab Tasks
Task 1: Load the Initial Network Conguration
Make sure that the correct topology and conguration les for this lab are loaded. This will occur automatically
when you load this lab by using the Lab Navigator.
From user EXEC mode, issue the enable command to enter privileged EXEC mode. Then congure a host
name of Router1 for the router.
2.
Congure an enable password of boson and an enable secret password of cisco on Router1.
3.
Test the passwords you congured by logging out of the router and then typing enable at the user
EXEC mode prompt. Try to use boson as the password to access privileged EXEC mode on Router1.
Authentication will fail because the enable secret password overrides the enable password. Therefore, if
both passwords are set, you must use the enable secret password to enter privileged EXEC mode. Enter
cisco to access Router1.
4.
Congure a password for Router1s console port by issuing the following commands:
5.
Test the passwords currently congured on Router1 by logging out of the router and then pressing the
ENTER key.
6.
Issue the show running-cong command to view the passwords congured on Router1. The following
sample output shows that the enable password and console password are stored in plain text. Conversely,
the enable secret password is stored in an encrypted form.
7.
Router1 can be congured to store current and future passwords in an encrypted form by using the
service password-encryption command. Issue the following commands to encrypt all current and future
passwords stored on Router1:
8.
Verify that the passwords congured on Router1 are not stored in plain text format.
9.
A Cisco device has the ability to be congured remotely by using a virtual terminal (vty) line. The line vty 0
4 command enables you to enter the conguration mode necessary to enable remote access to the device
and set remote access passwords. By default, the line vty password is stored as plain text. Congure a
password for Router1s vty lines by issuing the following commands:
10.
Issue the show running-cong command to view the password you congured for remote access. Note
that the vty password is stored in an encrypted form.
If service password encryption had not been congured on Router1, the password congured on the vty
lines would be displayed as shown below:
The banner motd command is used to congure a message that is displayed when a user accesses a
device. Issue the banner motd command followed by a delimiting character, and then press ENTER. Note
that the delimiting character should not be one you are going to use within the message. Type the text of
the message you want to display; use This device is used to route trafc between departments. Next,
type the delimiting character so the router knows when you are nished entering text for the banner; use #
as the delimiting character.
2.
To view the banner, exit global conguration mode and exit the router. Press ENTER to display the banner.
3.
The banner login command is used to display a login message. This message is displayed when a device
is congured to require a user name and password. Congure You must be an authorized user to
access this device as the login banner on Router1; use $ as a delimiting character. Use MyName as the
user name and cisco as the password.
4.
Enter the following commands to view the banners congured on Router1. Note that when the login banner
and the MOTD banner are both congured, the MOTD banner is displayed rst, followed by the login
banner.
Congure Router2 with a host name of Router2 and Router3 with a host name of Router3. Then congure
boson as an enable password and cisco as an enable secret password on both routers. Which password
will be required the next time you issue the enable command to access privileged EXEC mode on Router2
or Router3? __________________________________________________________________________
2.
Congure cisco as a password for the console port of Router2 and Router3.
3.
On Router2, issue the show running-cong command to view the congured passwords. How are the
passwords displayed in the running conguration displayed? ____________________________________
4.
Congure Router2 and Router3 to store all current and future passwords in an encrypted form.
5.
Issue the commands necessary to enable remote access on Router2 and Router3. Use cisco as the
password where appropriate. How many simultaneous remote access sessions using Telnet can Router2
support? _____________________________________________________________________________
In what form will the password you congured in this step be stored in the running conguration? _______
____________________________________________________________________________________
1.
Congure This device is used to route trafc between departments as a message that will be displayed
when a user accesses Router2 and Router3. Use # as a delimiting character.
2.
Congure Router2 and Router3 to require a user name of MyName and a password of cisco to log in to
the console port. Congure You must be an authorized user to access this device as a login banner on
both routers. Use $ as a delimiting character.
Lab Solutions
Task 1: Load the Initial Network Conguration
No solution is required.
You should issue the following commands to congure Router2 and Router3 with the appropriate host
names and passwords. The enable secret password will be required the next time you issue the enable
command to access privileged EXEC mode on Router2 or Router3.
2.
You should issue the following commands to congure cisco as a password for the console port of Router2
and Router3:
3.
When you issue the show running-cong command to view the passwords congured on Router2, you
should receive the output displayed below with the enable password and console password stored in plain
text. The enable secret password is stored in an encrypted form.
4.
You should issue the service password-encryption command to store all current and future passwords
on Router2 and Router3 in an encrypted form.
5.
A Cisco device has the ability to be congured remotely using a virtual terminal line. The line vty 0 4
command enables you to enter the conguration mode necessary to enable remote access to the device
and set the remote access password. By default, the line vty password is stored as plain text. However,
the password congured on the vty lines in this step will be stored in an encrypted form because service
password encryption has been enabled. Router2 and Router3 can support ve simultaneous remote
access sessions using Telnet. Issue the following commands to enable remote access on both routers:
On Router2 and Router3, you should issue the following commands to congure the MOTD banner. The
MOTD banner is displayed when a user accesses a device.
2.
On Router2 and Router3, you should issue the following commands to congure the login banner:
10
Router1 (continued)
Copyright 19962012 Boson Software, LLC. All rights reserved. NetSim software and documentation are protected by copyright law.
11