zeldor.biz

CCNA Exploration 4 – Module 4

September 26, 2010 by Igor Drobot

Configure R1 with OSPF simple authentication:

R1(config)#router ospf 1
! enable simple (plain-text) authentication for area 0
R1(config-router)#area 0 authentication
R1(config-router)#interface S0/0/0
! this key is sent in clear text in OSPF packets on the link
R1(config-if)#ip ospf authentication-key cisco123

R2(config)#interface S0/0/1
! MD5 authentication on the interface; key ID and key must match on the neighbor
R2(config-if)#ip ospf authentication message-digest
R2(config-if)#ip ospf message-digest-key 1 md5 cisco12

Configure Router to support Cisco SDM:

R1#configure terminal
! HTTP and HTTPS servers used by SDM
R1(config)#ip http server
R1(config)#ip http secure-server
! authenticate web logins against the local user database
R1(config)#ip http authentication local
R1(config)#username Student privilege 15 secret cisco
R1(config)#line vty 0 4
R1(config-line)#privilege level 15
R1(config-line)#login local
R1(config-line)#transport input telnet ssh
R1(config-line)#exit

Additional security for VTY:

R1(config)#line vty 0 4
! disconnect idle sessions after 3 minutes
R1(config-line)#exec-timeout 3
R1(config-line)#exit
! detect and close dead incoming TCP sessions
R1(config)#service tcp-keepalives-in

Additional tricks:

! an RSA key pair is required for SSH
Router(config)#crypto key generate rsa
! SSH negotiation timeout in seconds and maximum authentication attempts
Router(config)#ip ssh time-out 15
Router(config)#ip ssh authentication-retries 2

Supports incoming telnet and SSH sessions:

R1(config)#line vty 0 4
R1(config-line)#no transport input
R1(config-line)#transport input telnet ssh
R1(config-line)#exit

Supports only incoming SSH sessions:

R1(config)#line vty 0 4
R1(config-line)#no transport input
R1(config-line)#transport input ssh
R1(config-line)#exit
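
To check a saved running-config for the weaker variants of the settings above (plain HTTP server, VTY lines that still accept Telnet, OSPF simple authentication, no idle timeout), a small audit script can help. This is an added example, not part of the original post; the sample config, the function names `sections` and `audit`, and the policy they enforce are assumptions made for illustration.

```python
# Constructed sample running-config (illustrative, not from the original page).
SAMPLE = """\
ip http server
ip http secure-server
!
interface Serial0/0/0
 ip ospf authentication-key cisco123
interface Serial0/0/1
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 cisco12
line vty 0 4
 exec-timeout 3 0
 transport input telnet ssh
line vty 5 15
 transport input ssh
"""

def sections(config):
    """Group indented sub-commands under their parent line."""
    out, parent = {}, None
    for line in config.splitlines():
        if not line.strip() or line.strip() == "!":
            continue
        if not line.startswith(" "):
            parent = line.strip()
            out[parent] = []
        elif parent is not None:
            out[parent].append(line.strip())
    return out

def audit(config):
    """Return findings for the settings this page configures (hypothetical policy)."""
    findings = []
    for parent, sub in sections(config).items():
        if parent == "ip http server":
            findings.append("global: plain HTTP management server enabled")
        if parent.startswith("interface ") and any(
                s.startswith("ip ospf authentication-key") for s in sub):
            findings.append(f"{parent}: OSPF simple authentication (clear-text key)")
        if parent.startswith("line vty"):
            transport = [s for s in sub if s.startswith("transport input")]
            if transport != ["transport input ssh"]:
                shown = ", ".join(transport) or "no transport input line"
                findings.append(f"{parent}: not restricted to SSH ({shown})")
            if not any(s.startswith("exec-timeout") for s in sub):
                findings.append(f"{parent}: no explicit exec-timeout")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
```
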
