From Mycomputer Notes

Revision as of 22:14, 27 April 2006

All CLI configuration changes to a Cisco router are made from global configuration mode, which is sometimes called global config. Global config is the primary configuration mode.

Configuring a Router

A router should be given a unique name as one of the first configuration tasks In order to accomplished this go to the global configuration mode with the following command:

Router(config)#hostname Tokyo Tokyo(config)#

Configuring router passwords

As a best practive restrict access to routers with a password. Passwords should always be configured for virtual terminal (vty) lines and the console line. Passwords are also used to control access to privileged EXEC mode so that only authorized users may make changes to the configuration file.

Console Password

Router(Config)# line console 0
Router(Config)# password cisco
Router(Config)# login

Virtual Terminal Password

Router(Config)# line vty 0 4 (when configuring telenet sessions)
Router(Config)# password cisco
Router(Config)# login

Enable Password

Router(Config)# enable password SanFranciso
Router(Config)# service password-encryption (to encrypt non  encrypted passwords)

The enable password used to restrict access to the privileged EXEC mode IF the enable secret has not been set.

Sometimes it is undesirable for passwords to be shown in clear text in the output from the show running-config or show startup-config commands and a a best practice we should used the "service password-encryption" command

=Password encryption

Router(Config)# enable secret <password> (encrypted password)

The enable secret commands is used to restrict access to the privileged EXEC mode The enable secret command should be used because the enable secret command is encrypted