Professional Documents
Culture Documents
S1(config)#enable secret cisco12345 S1(config)#line console 0 S1(config-line)#password ciscoconpass S1(config-line)#exec-timeout 5 0 S1(config-line)#login S1(config-line)#logging synchronous ---------------------------------HTTP S1(config)#no ip http server S1(config)#no ip http secure-server ------------------------------------PASS LENGTH security passwords min-length 10 ------------------------------------conf console pass, exectimeout och logging synchronous line console 0 ? R1(config-line)#password ciscocon ? R1(config-line)#exec-timeout 5 0 ? R1(config-line)#login ? R1(config-line)#logging synchronous ------------------------------------Conf password for the AUX port for R R(config)#line aux 0 R(config-line)#password ciscoauxpass R(config-line)#exec-timeout 5 0 R(config-line)#login ------------------------------------Encrypt clear text passwords. R(config)# service password-encryption ------------------------------------Conf local user database ? R(config)#username user01 secret user01pass ------------------------------------p3 S1Conf local user database. Create a local user account with MD5 hashing to encrypt the password. R(config)#username Admin01 privilege 15 secret Admin01pass ------------------------------------Enable AAA services. R(config)#aaa new-model S2 Implement AAA services for console access using the local database. R(config)#aaa authentication login default local none ..................................... SSH Configure a domain name. ?R#conf t ?R(config)#ip domain-name ccnasecurity.com Configure a privileged user for login from the SSH client. ? R(config)#username admin privilege 15 secret cisco12345
? ? ? ? ?
R(config)#line vty 0 4 R(config-line)#privilege level 15 R(config-line)#login local R(config-line)#transport input ssh R(config-line)#exit
S5 Generate RSA encryption key pair for the router. ? R(config)#crypto key generate rsa general-keys modulus 1024 ? R(config)#exit ? R(config)# ? S6: Verify SSH configuration. show ip ssh ? S7: Configure SSH timeouts and authentication parameters. ? Rconfig)#ip ssh time-out 90 ? Rconfig)#ip ssh authentication-retries 2 ???????????????????????????????????????????????????????????????????????????????? ???
SITE TO SITE S2 crypto map to the R R(config)#interface s0/0/1 R(config-if)#crypto map SDM_CMAP_1
S2: Configure trunk ports on S and S. S1(config)#interface FastEthernet 0/1 S1(config-if)#switchport mode trunk Configure port Fa0/1 on S2 as a trunk port. S2(config)#interface FastEthernet 0/1
S2(config-if)#switchport mode trunk c. Verify that S1 port Fa0/1 is in trunking mode with the show interfaces trunk command. S1#show interfaces trunk Port Mode Encapsulation Status Native vlan Fa0/1 on 802.1q trunking 1
Enable BPDU guard S1(config)#interface FastEthernet 0/5 S1(config-if)#spanning-tree bpduguard enable S1(config)#interface FastEthernet 0/6 S1(config-if)#spanning-tree bpduguard enable S2(config)#interface FastEthernet 0/18 S2(config-if)#spanning-tree bpduguard enable