[ad_1]
2.5.5 Packet Tracer – Configure Preliminary Change Settings Teacher Model
Targets
Half 1: Confirm the Default Change Configuration
Half 2: Configure a Primary Change Configuration
Half 3: Configure a MOTD Banner
Half 4: Save Configuration Information to NVRAM
Half 5: Configure
Background
On this exercise, you’ll carry out primary change configurations. You’ll safe entry to the command-line interface (CLI) and console ports utilizing encrypted and plain textual content passwords. Additionally, you will discover ways to configure messages for customers logging into the change. These banners are additionally used to warn unauthorized customers that entry is prohibited.
Half 1: Confirm the Default Change Configuration
Step 1: Enter privileged mode.
You possibly can entry all change instructions from privileged mode. Nonetheless, as a result of most of the privileged instructions configure working parameters, privileged entry needs to be password-protected to stop unauthorized use.
The privileged EXEC command set contains these instructions contained in consumer EXEC mode, in addition to the configure command by which entry to the remaining command modes are gained.
a. Click on S1 after which the CLI tab. Press Enter
b. Enter privileged EXEC mode by coming into the allow command:
Change> allow Change#
Discover that the immediate modified within the configuration to replicate privileged EXEC mode.
Step 2: Study the present change configuration.
a. Enter the present running-config command.
Change# present running-config
b. Reply the next questions:
What number of FastEthernet interfaces does the change have? 24
What number of Gigabit Ethernet interfaces does the change have? 2
What’s the vary of values proven for the vty strains? 0 -15
Which command will show the present contents of non-volatile random-access reminiscence (NVRAM)?
present startup-configuration
Why does the change reply with startup-config just isn’t current?
It shows this message as a result of the configuration file was not saved to NVRAM. At present it is just positioned in RAM.
Half 2: Create a Primary Change Configuration
Step 1: Assign a reputation to a change.
To configure parameters on a change, it’s possible you’ll be required to maneuver between varied configuration modes. Discover how the immediate modifications as you navigate by the change.
Change# configure terminal Change(config)# hostname S1 S1(config)# exit S1#
Step 2: Safe entry to the console line.
To safe entry to the console line, entry config-line mode and set the console password to letmein.
S1# configure terminal Enter configuration instructions, one per line. Finish with CNTL/Z. S1(config)# line console 0 S1(config-line)# password letmein S1(config-line)# login S1(config-line)# exit S1(config)# exit %SYS-5-CONFIG_I: Configured from console by console S1#
Why is the login command required?
To ensure that the password checking course of to work, it requires each the login and password instructions
Step 3: Confirm that console entry is secured.
Exit privileged mode to confirm that the console port password is in impact.
S1# exit Change con0 is now accessible Press RETURN to get began.
Consumer Entry Verification Password: S1>
Word: If the change didn’t immediate you for a password, then you definitely didn’t configure the login parameter in Step 2.
Step 4: Safe privileged mode entry.
Set the allow password to c1$c0. This password protects entry to privileged mode.
Word: The 0 in c1$c0 is a zero, not a capital O. This password is not going to grade as right till after you encrypt it in Step 8.
S1> allow S1# configure terminal S1(config)# allow password c1$c0 S1(config)# exit %SYS-5-CONFIG_I: Configured from console by console S1#
Step 5: Confirm that privileged mode entry is safe.
a. Enter the exit command once more to sign off of the change.
b. Press and you’ll now be requested for a password:
Consumer Entry Verification Password:
c. The primary password is the console password you configured for line con 0. Enter this password to return to consumer EXEC mode.
d. Enter the command to entry privileged mode.
e. Enter the second password you configured to guard privileged EXEC mode.
f. Confirm your configurations by inspecting the contents of the running-configuration file:
S1# present running-configuration
Discover how the console and allow passwords are each in plain textual content. This might pose a safety threat if somebody is wanting over your shoulder.
Step 6: Configure an encrypted password to safe entry to privileged mode.
The allow password needs to be changed with the newer encrypted secret password utilizing the allow secret command. Set the allow secret password to itsasecret.
S1# config t S1(config)# allow secret itsasecret S1(config)# exit S1#
Word: The allow secret password overrides the allow password. If each are configured on the change, you will need to enter the allow secret password to enter privileged EXEC mode.
Step 7: Confirm that the allow secret password is added to the configuration file.
a. Enter the present running-configuration command once more to confirm the brand new allow secret password is configured.
Word: You possibly can abbreviate present running-configuration as
S1# present run
b. What’s displayed for the allow secret password? $1$mERr$ILwq/b7kc.7X/ejA4Aosn0
c. Why is the allow secret password displayed otherwise from what we configured?
The allow secret is proven in encrypted kind, whereas the allow password is in plain textual content.
Step 8: Encrypt the allow and console passwords.
As you seen in Step 7, the allow secret password was encrypted, however the allow and console passwords have been nonetheless in plain textual content. We’ll now encrypt these plain textual content passwords utilizing the service password-encryption command.
S1# config t S1(config)# service password-encryption S1(config)# exit
For those who configure any extra passwords on the change, will they be displayed within the configuration file as plain textual content or in encrypted kind? Clarify why?
The service password-encryption command encrypts all present and future passwords.
Half 3: Configure a MOTD Banner
Step 1: Configure a message of the day (MOTD) banner.
The Cisco IOS command set features a function that lets you configure messages that anybody logging onto the change sees. These messages are referred to as message of the day, or MOTD banners. Enclose the banner textual content in quotations or use a delimiter totally different from any character showing within the MOTD string.
S1# config t S1(config)# banner motd "This can be a safe system. Approved Entry Solely!" S1(config)# exit %SYS-5-CONFIG_I: Configured from console by console S1#
When will this banner be displayed?
The message shall be displayed when somebody enters the change by the console port.
Why ought to each change have a MOTD banner?
Each change ought to have a banner to warn unauthorized customers that entry is prohibited however can be used for sending messages to community personnel/technicians (resembling impending system shutdowns or who to contact for entry)
Half 4: Save Configuration Information to NVRAM
Step 1: Confirm that the configuration is correct utilizing the present run command.
Step 2: Save the configuration file.
You may have accomplished the essential configuration of the change. Now again up the operating configuration file to NVRAM to make sure that the modifications made are usually not misplaced if the system is rebooted or loses energy.
S1# copy running-config startup-config Vacation spot filename [startup-config]?[Enter] Constructing configuration... [OK]
What’s the shortest, abbreviated model of the copy running-config startup-config command? cop r s
Step 3: Study the startup configuration file.
Which command will show the contents of NVRAM? present startup-config
Are all of the modifications that have been entered recorded within the file? Sure, it’s the similar because the operating configuration.
Half 5: Configure S2
You may have accomplished the configuration on S1. You’ll now configure S2. For those who can’t keep in mind the instructions, discuss with Elements 1 to 4 for help.
Configure S2 with the next parameters:
a. Identify system: S2
b. Shield entry to the console utilizing the letmein password.
c. Configure an allow password of c1$c0 and an allow secret password of itsasecret.
d. Configure a message to these logging into the change with the next message:
Approved entry solely. Unauthorized entry is prohibited and violators shall be prosecuted to the complete extent of the regulation.
e. Encrypt all plain textual content passwords.
f. Be certain that the configuration is right.
g. Save the configuration file to keep away from loss if the change is powered down.
Change> allow Change# config t Enter configuration instructions, one per line. Finish with CNTL/Z. Change(config)# hostname S2 S2(config)# line console 0 S2(config-line)# password letmein S2(config-line)# login S2(config-line)# allow password c1$c0 S2(config)# allow secret itsasecret S2(config)# banner motd $any textual content right here$ S2(config)# service password-encryption S2(config)# do copy running-config startup-config
Directions:
Change 1 – S1
allow configure terminal hostname S1 line console 0 password letmein login allow password c1$c0 allow secret itsasecret service password-encryption banner motd #This can be a safe system. Approved Entry Solely!# finish copy running-config startup-config
Change 2 – S2
allow configure terminal hostname S2 line console 0 password letmein login allow password c1$c0 allow secret itsasecret service password-encryption banner motd #Approved entry solely. Unauthorized entry is prohibited and violators shall be prosecuted to the complete extent of the regulation.# finish copy running-config startup-config
Obtain Pka file and PDF file
[sociallocker id=”54558″]
[/sociallocker]
[ad_2]