Hi ! everyone on today we are going to learn a simple topic on how to configure cisco router password using packet tracer which is converted from GNS3 as given below topology.
Router>enable
Router#config t
Router(config)#enable password cisco
Router(config)#exit
Router#exit
Now We have logged out the router, notice that you will see two lines “Router con0 is now available” and “Press RETURN to get started.” Press Enter to enter the user mode (a line Router> will appear)
Password: ------> Here you type our password "cisco"
Router#
Notice that we with the “enable password” command, the router will save our password in plain text. It means if someone types show running-config on our router, they can see our password.
Router#show running-config
Building configuration...
Current configuration : 578 bytes
!
version 12.4
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Router
!
!
!
enable password cisco ------->
!
!
!
!
!
!
no ip cef
no ipv6 cef
!
!
!
!
!
!
!
!
!
!
!
!
spanning-tree mode pvst
!
!
!
!
!
!
interface FastEthernet0/0
no ip address
duplex auto
speed auto
shutdown
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
shutdown
!
interface Vlan1
no ip address
shutdown
!
ip classless
!
ip flow-export version 9
!
!
!
!
!
!
!
line con 0
!
line aux 0
!
line vty 0 4
login
!
!
!
end
This is a thing above we could see the marked symbol like this ---> that we don’t want as our router is not secured completely. In fact, most of the administrators use the “enable secret” command nowadays. To do it, in the privileged mode type the following commands:
Router#config t
Router(config)#enable secret ciscoSecret (notice the letter “S” is capital)
Router(config)#exit
Router#exit
Router>enable
Password: --------> Here type password "cisco" the router does not accept it
Password: --------> Here type password "ciscoSecret" as we mentioned above
Router#
Now we can see the command shows:
enable secret 5 $1$mERr$8HKbj5xhhhd97zc4Svr9p.
enable password cisco
Router(config-line)#password cisco
Router(config-line)#login
Router(config-line)#exit
Router(config)#exit
Set vty (virtual terminal lines) password:
Router#config t
Router(config)#line vty 0 4
Router(config-line)#password cisco
Router(config-line)#login
Router(config-line)#exit
Router(config)#exit
Another notice is that we can’t login to a Cisco router via telnet if we don’t set a vty line password for it.
Therefore, that all for today lab session on configure on cisco router password GNS3 lab done in packet tracer version 7.1.
Router>enable
Router#config t
Router(config)#enable password cisco
Router(config)#exit
Router#exit
Now We have logged out the router, notice that you will see two lines “Router con0 is now available” and “Press RETURN to get started.” Press Enter to enter the user mode (a line Router> will appear)
Now we can test if the password is working. Log in the privileged mode with the enable command
Router>enable
Now we can see the router is asking for a password. Type “cisco” as its password here and we can log in to the privileged mode
Router>enablePassword: ------> Here you type our password "cisco"
Router#
Notice that we with the “enable password” command, the router will save our password in plain text. It means if someone types show running-config on our router, they can see our password.
Router#show running-config
Building configuration...
Current configuration : 578 bytes
!
version 12.4
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Router
!
!
!
enable password cisco ------->
!
!
!
!
!
!
no ip cef
no ipv6 cef
!
!
!
!
!
!
!
!
!
!
!
!
spanning-tree mode pvst
!
!
!
!
!
!
interface FastEthernet0/0
no ip address
duplex auto
speed auto
shutdown
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
shutdown
!
interface Vlan1
no ip address
shutdown
!
ip classless
!
ip flow-export version 9
!
!
!
!
!
!
!
line con 0
!
line aux 0
!
line vty 0 4
login
!
!
!
end
This is a thing above we could see the marked symbol like this ---> that we don’t want as our router is not secured completely. In fact, most of the administrators use the “enable secret” command nowadays. To do it, in the privileged mode type the following commands:
Router#config t
Router(config)#enable secret ciscoSecret (notice the letter “S” is capital)
Router(config)#exit
Router#exit
Router>enable
Password: --------> Here type password "cisco" the router does not accept it
Password: --------> Here type password "ciscoSecret" as we mentioned above
Router#
So notice that if you configure the enable secret command, it takes precedence over the enable password command. The two commands cannot be in effect simultaneously.
The enable secret command will encrypt the password so no one can see the password with the show running-config command. We can check it.
Now we can see the command shows:
enable secret 5 $1$mERr$8HKbj5xhhhd97zc4Svr9p.
enable password cisco
We can also set the password for console and vty (telnet) login with these commands:
Set console password:
Router(config)#line console 0Router(config-line)#password cisco
Router(config-line)#login
Router(config-line)#exit
Router(config)#exit
Set vty (virtual terminal lines) password:
Router#config t
Router(config)#line vty 0 4
Router(config-line)#password cisco
Router(config-line)#login
Router(config-line)#exit
By default, a Cisco router supports 5 simultaneous telnet sessions. By using the command line vty 0 4, the configuration below will be applied to all 5 sessions (line 0 to line 4).
Notice these passwords are not encrypted and we can see them with the “show running-config” command. We can encrypt all the passwords with the service password-encryption command in global configuration mode
Router(config)#service password-encryptionRouter(config)#exit
Another notice is that we can’t login to a Cisco router via telnet if we don’t set a vty line password for it.
Therefore, that all for today lab session on configure on cisco router password GNS3 lab done in packet tracer version 7.1.
No comments:
Post a Comment