CCNA
CCNA
service password-encryption
security passwords min-length 10
username ADMIN algorithm-type scrypt secret cisco54321
exec-timeout 3 0
login local
-/- ACL-/-
ip access-list standard PERMIT-ADMIN
permit 192.168.10.10
-/- login -/-
login block-for 15 attempts 5 within 60
login quiet-mode access-class PERMIT-ADMIN
login delay 10
login on-success log
login on-failure log
show login
access-class 10 in
/M1/
match protocol http
match protocol https
match protocol dns
/M2/
match access-group 101
interface g0/0
zone-member security PRIVATE
interface s0/0/0
zone-member security PUBLIC
------------------------------chap 11----------------------------------------------
monitor session 1 source interface fastethernet 0/1
monitor session 1 destination interface fastethernet 0/2
show monitor
------------------------------chap 13----------------------------------------------
Configure 802.1x Port-Authentication
aaa authentication dot1x default group radius
dot1x system-auth-control
interface F0/1
switchport mode access
authentication port-control auto
dot1x pae authenticator
------------------------------chap 14----------------------------------------------
Implement Port Security
interface fa0/5
security mode access
switchport mode access
switchport port-security
switchport port-security maximum 3
switchport port-security mac-address aaaa.bbbb.1234
switchport port-security mac-address sticky
show port-security
show port-security interface fa0/5
------------------------------chap 19----------------------------------------------
Configuring a Pre-Shared Key
crypto isakmp policy 1
hash sha
authentication pre-share
group 24
lifetime 3600
encryption aes 256
crypto isakmp key cisco12345 address 172.30.2.1
do show crypto isakmp policy
interface s0/0/0
crypto map R1-R2_MAP
do show crypto map