Login Security 1

certskills
By certskills May 2, 2016 09:05

One of the first configuration items that becomes second nature is the configuration of basic password settings. But it is also easy to forget about the small differences in password security configuration once you get used to configuring your own lab the same way every time. This lab can give you some quick exercises on a few of those options.

Requirements

Configure console, Telnet, and enable mode security on all four devices in the figure as follows:

  • Protect console access for all device consoles with a password of ‘certskills’
  • Protect privileged mode for all devices using password “ccnaskills” while storing the password as an MD5 hash.
  • Protect Telnet access by requiring username/password login. To that end, create a username ‘person’ with a password of ‘access’ using the most secure option to configure the user.
  • Assume all device interfaces shown in the lab are up, working and correctly configured with IP addresses
  • Assume routing is configured and working correctly

 

 

Figure 1: Network Topology and Addresses

 

 

Initial Configuration

Examples 1, 2, 3 and 4 show the beginning configuration state of R1, R2, SW1 and SW2.

Example 1: R1 Config

 

Example 2: R2 Config

 

Example 3: SW1 Config

 

Example 4: SW2 Config

 

Answer on Paper, or Maybe Test in Lab

Next, write your answer on paper. Or if you have some real gear, or other tools, configure the lab with those tools.

To test your solution if you happen to try it with VIRL or real gear, connect to each device’s console to test the console passwords. Next, from one of the devices attempt to telnet to each of the other devices and verify the correct credentials are prompted and accepted. From either the console or from a telnet connection, then use the enable command, and test the enable passwords that you configured.

 

Do this Lab with Cisco’s VIRL

You can do these labs on paper and still get a lot out of the lab. As an extra help, we have added files for the Virtual Internet Routing Lab (VIRL) software as well. The .VIRL file found here is a file that when used with VIRL will load a lab topology similar to this lab’s topology, with the initial configuration shown in the lab as well. This section lists any differences between the lab exercise and the .VIRL file’s topology and configuration.

Download this lab’s VIRL file!

All interfaces in topology match the lab figure.

Network Device Info:

The switch used in the lab is a Cisco IOS layer 2 switch. Note that if you happen to have a layer 3 switch, to use the initial configurations as shown in this lab, issue to no ip routing command on the switch. This command will disable the routing of IPv4 packets, making the layer 3 switch act only as a layer 2 switch.

Answers: IP Addresses 1
Answers: Login Security 1
certskills
By certskills May 2, 2016 09:05
Write a comment

No Comments

No Comments Yet!

Let me tell You a sad story ! There are no comments yet, but You can be first one to comment this article.

Write a comment
View comments

Write a comment

Comment; Identify w/ Social Media or Email

Subscribe

Subscribe to our mailing list and get interesting stuff and updates to your email inbox.

Thank you for subscribing.

Something went wrong.

Search

Categories