Professional Documents
Culture Documents
Network Security Labs
Network Security Labs
- Telnet
- Router > enable
- Router # config t
- Router (config) # line vty 0 4
- Router (config-line) # password cisco5
- Router (config-line) # login
- Router (config-line) # exit
- Router (conf t) username cisco privilege 15 secret cisco6
- R1(config)#aaa new-model
- R1(config)#aaa authentication login default local
- R1(config)#aaa authorization exec default local
- Router # wr
SSH
- The name of the RSA keypair will be the hostname and domain name of the router.
Let’s configure a hostname:
- Router(config)#hostname R1
- And a domain name:
- R1(config)#ip domain-name NETWORKLESSONS.LOCAL
- Now we can generate the RSA keypair:
- R1(config)#crypto key generate rsa
- How many bits in the modulus [512]: 2048
- % Generating 2048 bit RSA keys, keys will be non-exportable...
- R1(config)#line vty 0 4
- R1(config-line)#transport input ssh
- R1(config-line)#login local
Backup
- R1#copy run tftp
- Address or name of remote host []? 115.115.115.6
- Destination filename [roouerb-confg]? zzzzzz
Restore
- R1#copy tftp running-config
- Address or name of remote host []? 115.115.115.6
- Destination filename [roouerb-confg]? Zzzzzz
- R1#copy tftp flash:
Password Recovery Step-by-Step Procedure:
To recover your password:
1 Turn off or shut down the router
2 Press Break or Control+C or Shift+Control+6 keys. on the terminal keyboard within 60
seconds of the power-up to put the router into ROMMON.
R1(config)#config-register 0x2102
R1(config)#exit
R1#reload
Password:
R2(config-view)#secret 123
R2(config-view)#secret 234
4- Binding parser view with local database and writing all configurations
:
R2(config)#do write
5- To see parser views and the commands associated with them :
6- Creating superview
R1(config-view)#secret super
R1(config-view)#view abc
R1(config-view)#view xyz
8- To check how many commands the current view has type “?”:
R1(config)#default-router 10.10.10.1
R1(config)#dns-server 90.90.90.60
access-list configuration
standard access list
Router(config)#access-list 1 deny 10.0.0.152
Router(config)#access-list 1 permit any
Router(config-if)#ip access-group 1 in
Router(config)#no access-list 1
subnet
Router(config)#access-list 1 deny 192.168.19.0 0.0.0.255
Router(config)#access-list 1 permit any
Router(config-if)#ip access-group 1 in
Extended(host only)
Router(config)# access-list 100 deny tcp host 10.0.0.152 host 170.17.17.5 eq
80
subnet
Router(config)#access-list 110 deny tcp 10.0.0.0 0.0.0.255 host 170.17.17.5
to delete access-list
Router(config)#no access-list 1