TP3 Ghazi Ben Yahya

Download as pdf or txt
Download as pdf or txt
You are on page 1of 12

Université de Sousse

Institut Supérieur d’Informatique et des Techniques de


Communication

Compte rendu du
TP3 : Configure Cisco Routers for
Syslog, NTP,
and SSH Operations
Réalisé par :
GHAZI BEN YAHYA

3DNI 2
Topologie

Part 1: Configure OSPF MD5 Authentication


Step 1: Test connectivity. All devices should be able to ping all other IP addresses.
Step 2: Configure OSPF MD5 authentication for all the routers in area 0.

Step 3: Configure the MD5 key for all the routers in area 0.
Configure an MD5 key on the serial interfaces on R1, R2 and R3. Use the password MD5pa55 for key 1.

Step 4: Verify configurations.


a. Verify the MD5 authentication configurations using the commands show ip ospf interface.
b. Verify end-to-end connectivity.

Part 2: Configure NTP


Step 1: Enable NTP authentication on PC-A.
a. On PC-A, click NTP under the Services tab to verify NTP service is enabled.

b. To configure NTP authentication, click Enable under Authentication. Use key 1 and password NTPpa55
for authentication.
Step 2: Configure R1, R2, and R3 as NTP clients.

Verify client configuration using the command show ntp status


Step 3: Configure routers to update hardware clock.
Configure R1, R2, and R3 to periodically update the hardware clock with the time learned from NTP.

Exit global configuration and verify that the hardware clock was updated using the command show clock

Step 4: Configure NTP authentication on the routers.


Configure NTP authentication on R1, R2, and R3 using key 1 and password NTPpa55.
Step 5: Configure routers to timestamp log messages.
Configure timestamp service for logging on the routers

Part 3: Configure Routers to Log Messages to the Syslog Server


Step 1: Configure the routers to identify the remote host (Syslog Server) that will
receive logging messages

Step 2: Verify logging configuration.


Use the command show logging to verify logging has been enabled.
Step 3: Examine logs of the Syslog Server.
From the Services tab of the Syslog Server’s dialogue box, select the Syslog services button. Observe the
logging messages received from the routers.
Part 4: Configure R3 to Support SSH Connections
Step 1: Configure a domain name.
Configure a domain name of ccnasecurity.com on R3

Step 2: Configure users for login to the SSH server on R3.


Create a user ID of SSHadmin with the highest possible privilege level and a secret password of
ciscosshpa55

Step 3: Configure the incoming vty lines on R3.


Use the local user accounts for mandatory login and validation. Accept only SSH connections

Step 4: Erase existing key pairs on R3.


Any existing RSA key pairs should be erased on the router

Step 5: Generate the RSA encryption key pair for R3.


The router uses the RSA key pair for authentication and encryption of transmitted SSH data. Configure
the RSA keys with a modulus of 1024. The default is 512, and the range is from 360 to 2048.
Step 6: Verify the SSH configuration.
Use the show ip ssh command to see the current settings. Verify that the authentication timeout and
retries are at their default values of 120 and 3.

Step 7: Configure SSH timeouts and authentication parameters.


The default SSH timeouts and authentication parameters can be altered to be more restrictive. Set the
timeout to 90 seconds, the number of authentication retries to 2, and the version to 2.

Issue the show ip ssh command again to confirm that the values have been changed.

Step 8: Attempt to connect to R3 via Telnet from PC-C.


Open the Desktop of PC-C. Select the Command Prompt icon. From PC-C, enter the command to
connect to R3 via Telnet.

Step 9: Connect to R3 using SSH on PC-C.


Open the Desktop of PC-C. Select the Command Prompt icon. From PC-C, enter the command to connect
to R3 via SSH. When prompted for the password, enter the password configured for the administrator
ciscosshpa55
Step 10: Connect to R3 using SSH on R2.
To troubleshoot and maintain R3, the administrator at the ISP must use SSH to access the router CLI.
From the CLI of R2, enter the command to connect to R3 via SSH version 2 using the SSHadmin user
account. When prompted for the password, enter the password configured for the administrator:
ciscosshpa55.

You might also like