Scribd Logo
Upload

Welcome to Scribd!

  • 1 views

    CCNA Day 4

    Uploaded by

    David Bueno
    This document discusses various methods for accessing and configuring network devices running Cisco IOS or related software. There are three main ways to access a device: console, telnet, and SSH. Console requires a physical connection, while telnet and SSH allow remote access but only SSH encrypts the connection. The document also outlines user privilege levels, CLI features, and how to configure basic switch management settings like IP addressing, user authentication, and remote access protocols.

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content

    You might also like

    CCNA Day 4

    Uploaded by

    David Bueno
    1 views3 pages
    This document discusses various methods for accessing and configuring network devices running Cisco IOS or related software. There are three main ways to access a device: console, telnet, and SSH. Console requires a physical connection, while telnet and SSH allow remote access but only SSH encrypts the connection. The document also outlines user privilege levels, CLI features, and how to configure basic switch management settings like IP addressing, user authentication, and remote access protocols.

    Original Description:

    Original Title

    CCNA Day 4 (4)

    Copyright

    © © All Rights Reserved

    Available Formats

    TXT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document discusses various methods for accessing and configuring network devices running Cisco IOS or related software. There are three main ways to access a device: console, telnet, and SSH. Console requires a physical connection, while telnet and SSH allow remote access but only SSH encrypts the connection. The document also outlines user privilege levels, CLI features, and how to configure basic switch management settings like IP addressing, user authentication, and remote access protocols.

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as txt, pdf, or txt
    1 views3 pages

    CCNA Day 4

    Uploaded by

    David Bueno
    This document discusses various methods for accessing and configuring network devices running Cisco IOS or related software. There are three main ways to access a device: console, telnet, and SSH. Console requires a physical connection, while telnet and SSH allow remote access but only SSH encrypts the connection. The document also outlines user privilege levels, CLI features, and how to configure basic switch management settings like IP addressing, user authentication, and remote access protocols.

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as txt, pdf, or txt
    of 3

    -------------------------Accessing to the device-------------------------------

    Devices use IOS code (Or Firewall code ASA or FTD) like software

    we have 3 ways for accessing to the devices: (Console, Telnet and SSH)

    Console: You need to physical connection to the device in the appropiate port
    (Console port)
    Telnet: Remote access connection but the information is sending in clear text (TCP
    port 23)
    SSH: Remote access connection and the information is sending in cipher text (TCP
    port 22)

    All access method (console, telnet y ssh) are displayed to user mode

    User mode: "name>", it is a mode where it is not possible to break something


    Priveledged mode (Or enable mode): "name#", you have the possibility to break
    something (limit management of the device). You will access mode from user mode
    (enable command)
    Global configuration mode: "name(config)#", we can modify the device configutation

    CLI Help Features: Question mark "?" for displaying available commands
    Show commands: Display the information like a photograph (one instant)
    debug commands: Display the real time information

    ------------------Configuring Cisco IOS Software----------------------------

    User mode (enable) > Priviledge mode (configure terminal) > Global configuration
    mode

    Global configuration mode: we have multiple subconfiguration mode

    Running configuration: it is the active configuration when the device is enabled


    (it is saved on the RAM)
    Startup-configuration: it is the initial configuration when the device is recovered
    from reload (it is saved on the NVRAM)
    IOS software: It is the operating system for the device (it is saved on the flash
    memory)
    Bootstrap program: It is the Rommon, it is the program that it is used before the
    IOS, and when we need to apply specific changes on the devices. (it is saved on the
    ROM)

    Running config could be different than startup-config (You need to save the
    running-config to the startup-config)

    copy running-config startup-config or write memory

    ---------------------------Configuring Basic Switch


    Management----------------------------

    ---------Securing the switch CLI--------------------


    Securing User Mode and Privileged Mode With Simple Passwords...........

    User mode to enable mode (privileged mode): enable secret <password-value> or


    enable password <password-value>
    secret: it is cipher text on running config (Priority)
    password: it is clear text on runnning config if service encryption is disabled

    Console and Telnet: Protected the user mode by password


    line {console | vty } <0 - 15>
    password <password-value>
    login

    Securing User Mode Access with Local Usernames and Passwords...............


    Console and Telnet/SSH: Protected the user mode by local username and password
    username <name> {password | secret} <password-value>
    line <console | vty > <0 - 15>
    no password
    login local

    Securing User Mode Access with External Authentication Servers...........


    Telnet/SSH and Console: Protected the user mode by external server (AAA) username
    and password

    Securing Remote Access with Secure Shell....................

    SSH: Protected the user mode by SSH


    hostname <name>
    ip domain-name <url>
    crypto key generate rsa: <power two number>

    username <name> {password | secret} <password-value>


    line vty 0 15
    no password
    login local

    Use the transport input {all | none | telnet | ssh} vty subcommand in vty mode,
    with the following options:
    transport input all or transport input telnet ssh: Support both Telnet and SSH
    transport input none: Support neither
    transport input telnet: Support only Telnet
    transport input ssh: Support only SSH

    ----------------Enabling IPv4 for Remote Access-----------

    Manual configuration or DHCP configuration...............

    Manual configuration...................................
    0. Create Vlan (vlan <number>)
    1. Create interface vlan (interface vlan <number>)
    2. Assign IP address (ip address <ip-address> <mask>)
    3. Enable the interface (no shutdown)
    4. Configure default gateway (ip default-gateway <ip-address>)

    DHCP configuration (You need to configure DHCP server)..................


    0. Create Vlan (vlan <number>)
    1. Create interface vlan (interface vlan <number>)
    2. Assign DHCP IP address (ip address dhcp)
    3. Enable the interface (no shutdown)
    4. Configure default gateway (ip default-gateway <ip-address>)

    Verifying IPv4 on a Switch........................................


    show running-config
    show interfaces vlan x
    show dhcp lease

    You might also like