API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jan 15th, 2019
271
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 6.12 KB | None | 0 0
raw download clone embed print report
  1. Packet Tracer - Configuring Initial Switch Settings
  2. Topology
  3.  
  4. Objectives
  5.  
  6. Part 1: Verify the Default Switch Configuration
  7.  
  8. Part 2: Configure a Basic Switch Configuration
  9.  
  10. Part 3: Configure a MOTD Banner
  11.  
  12. Part 4: Save Configuration Files to NVRAM
  13.  
  14. Part 5: Configure S2
  15.  
  16. Background
  17.  
  18. In this activity, you will perform basic switch configurations. You will secure access to the command-line interface (CLI) and console ports using encrypted and plain text passwords. You will also learn how to configure messages for users logging into the switch. These banners are also used to warn unauthorized users that access is prohibited.
  19.  
  20. Part 1: Verify the Default Switch Configuration
  21. Step 1: Enter privileged EXEC mode.
  22.  
  23. You can access all switch commands from privileged EXEC mode. However, because many of the privileged commands configure operating parameters, privileged access should be password-protected to prevent unauthorized use.
  24.  
  25. The privileged EXEC command set includes those commands contained in user EXEC mode, as well as the configure command through which access to the remaining command modes are gained.
  26.  
  27. a. Click S1 and then the CLI tab. Press Enter.
  28.  
  29. b. Enter privileged EXEC mode by entering the enable command:
  30.  
  31. Switch> enable
  32. Switch#
  33. Notice that the prompt changed in the configuration to reflect privileged EXEC mode.
  34.  
  35. Step 2: Examine the current switch configuration.
  36.  
  37. a. Enter the show running-config command.
  38.  
  39. Switch# show running-config
  40. b. Answer the following questions:
  41.  
  42. 1) How many FastEthernet interfaces does the switch have?
  43.  
  44. 2) How many Gigabit Ethernet interfaces does the switch have?
  45.  
  46. 3) What is the range of values shown for the vty lines?
  47.  
  48. 4) Which command will display the current contents of non-volatile random-access memory (NVRAM)?
  49.  
  50. 5) Why does the switch respond with startup-config is not present?
  51.  
  52. Part 2: Create a Basic Switch Configuration
  53. Step 1: Assign a name to a switch.
  54.  
  55. To configure parameters on a switch, you may be required to move between various configuration modes. Notice how the prompt changes as you navigate through the switch.
  56.  
  57. Switch# configure terminal
  58. Switch(config)# hostname S1
  59. S1(config)# exit
  60. S1#
  61. Step 2: Secure access to the console line.
  62.  
  63. To secure access to the console line, access config-line mode and set the console password to letmein.
  64.  
  65. S1# configure terminal
  66. Enter configuration commands, one per line. End with CNTL/Z.
  67. S1(config)# line console 0
  68. S1(config-line)# password letmein
  69. S1(config-line)# login
  70. S1(config-line)# exit
  71. S1(config)# exit
  72. %SYS-5-CONFIG_I: Configured from console by console
  73. S1#
  74. Why is the login command required?
  75.  
  76. Step 3: Verify that console access is secured.
  77.  
  78. Exit privileged mode to verify that the console port password is in effect.
  79.  
  80. S1# exit
  81. Switch con0 is now available
  82. Press RETURN to get started.
  83.  
  84. User Access Verification
  85. Password:
  86. S1>
  87. Note: If the switch did not prompt you for a password, then you did not configure the login parameter in Step 2.
  88.  
  89. Step 4: Secure privileged mode access.
  90.  
  91. Set the enable password to c1$c0. This password protects access to privileged mode.
  92.  
  93. Note: The 0 in c1$c0 is a zero, not a capital O. This password will not grade as correct until after you encrypt it in Step 8.
  94.  
  95. S1> enable
  96. S1# configure terminal
  97. S1(config)# enable password c1$c0
  98. S1(config)# exit
  99. %SYS-5-CONFIG_I: Configured from console by console
  100. S1#
  101. Step 5: Verify that privileged mode access is secure.
  102.  
  103. a. Enter the exit command again to log out of the switch.
  104.  
  105. b. Press <Enter> and you will now be asked for a password:
  106.  
  107. User Access Verification
  108. Password:
  109. c. The first password is the console password you configured for line con 0. Enter this password to return to user EXEC mode.
  110.  
  111. d. Enter the command to access privileged mode.
  112.  
  113. e. Enter the second password you configured to protect privileged EXEC mode.
  114.  
  115. f. Verify your configurations by examining the contents of the running-configuration file:
  116.  
  117. S1# show running-config
  118. Notice how the console and enable passwords are both in plain text. This could pose a security risk if someone is looking over your shoulder.
  119. Step 6: Configure an encrypted password to secure access to privileged mode.
  120.  
  121. The enable password should be replaced with the newer encrypted secret password using the enable secret command. Set the enable secret password to itsasecret.
  122.  
  123. S1# config t
  124. S1(config)# enable secret itsasecret
  125. S1(config)# exit
  126. S1#
  127. Note: The enable secret password overrides the enable password. If both are configured on the switch, you must enter the enable secret password to enter privileged EXEC mode.
  128.  
  129. Step 7: Verify that the enable secret password is added to the configuration file.
  130.  
  131. a. Enter the show running-config command again to verify the new enable secret password is configured.
  132.  
  133. Note: You can abbreviate show running-config as
  134. S1# show run
  135. b. What is displayed for the enable secret password?
  136.  
  137. c. Why is the enable secret password displayed differently from what we configured?
  138.  
  139. Step 8: Encrypt the enable and console passwords.
  140.  
  141. As you noticed in Step 7, the enable secret password was encrypted, but the enable and console passwords were still in plain text. We will now encrypt these plain text passwords using the service password-encryption command.
  142.  
  143. S1# config t
  144. S1(config)# service password-encryption
  145. S1(config)# exit
  146. If you configure any more passwords on the switch, will they be displayed in the configuration file as plain text or in encrypted form? Explain.
  147.  
  148. Part 3: Configure a MOTD Banner
  149. Step 1: Configure a message of the day (MOTD) banner.
  150.  
  151. The Cisco IOS command set includes a feature that allows you to configure messages that anyone logging onto the switch sees. These messages are called message of the day, or MOTD banners. Enclose the banner text in quotations or use a delimiter different from any character appearing in the MOTD string.
  152.  
  153. S1# config t
  154. S1(config)# banner motd "This is a secure system. Authorized Access Only!"
  155. S1(config)# exit
  156. %SYS-5-CONFIG_I: Configured from console by console
  157. S1#
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!