Académique Documents
Professionnel Documents
Culture Documents
Step 2:
Enter this sequence of commands into the Branch router:
Branch>enable
Branch#configure terminal
Enter configuration commands, one per line.
Branch(config)#line console 0
Branch(config-line)#password cisco
Branch(config-line)#login
Step 3:
You will be asked for the password that you configured in the previous step.
Branch(config-line)#end
Branch#exit
Password: cisco
Branch>
Step 4:
Branch>enable
Branch#show running-config | section line con
line con 0
exec-timeout 60 0
password cisco
logging synchronous
login
Step 5:
Enter the following command sequence into the Branch router:
Branch#configure terminal
Enter configuration commands, one per line.
Step 6:
You will be asked for a username and password. Enter the credentials that you created in the previous step.
Branch(config-line)#end
Branch#exit
Step 7:
Note that the password is encrypted, not in cleartext. You could use the service password-encryption command to encode the cleartext password, but this encryption type is weak.
Step 8:
Enter this sequence of commands into the Branch router:
Branch#configure terminal
Enter configuration commands, one per line.
Branch(config)#line vty 0 4
Branch(config-line)#login local
Branch(config-line)#exit
Branch(config)#
Step 9:
Enter the appropriate credentials to log into the Branch router. Exit Telnet session.
PC1>telnet 10.1.1.1
Trying 10.1.1.1 ... Open
Step 10:
Enter this command on the Branch router:
Step 11:
Branch#disable
Branch>enable
Password:cisco
Branch#
Step 12:
Enter this command on the Branch router:
[OK]
Step 13:
Step 14:
Enter this sequence of commands on SW1:
Step 15:
SW1(config-line)#end
SW1#exit
Step 16:
Enter this command on the SW1 switch:
Step 17:
SW1>enable
Password: cisco
SW1#
Step 18:
Enter the appropriate credentials to log into the switch. Exit Telnet session.
PC1>telnet 10.1.1.11
Trying 10.1.1.11 ... Open
Step 1:
Enter this sequence of commands on the Branch router:
Branch(config)#line vty 0 4
Branch(config-line)#transport input ssh
Branch(config-line)#exit
Branch(config)#ip ssh version 2
Step 2:
Enter this command on the Branch router:
Step 3:
Enter this sequence of commands on the SW1 switch:
Step 4:
PC1>telnet 10.1.1.1
Trying 10.1.1.1 ...
% Connection refused by remote host
PC1>
Step 5:
Leave the connection open for the next step.
Step 6:
Branch>show users
10
Line
User
Host(s)
Idle
0 con 0
ccna
idle
00:24:52
Location
2 vty 0
ccna
Interface
User
idle
00:00:00 10.1.1.100
Mode
Branch>exit
PC1>
Step 7:
Step 8:
Enter this command on the SW1 switch:
Step 1:
Enter this sequence of commands on the SW1 switch:
SW1#configure terminal
11
Idle
Peer Address
Step 2:
SW1(config)#line vty 0 4
SW1(config-line)#access-class 1 in
Step 3:
You should not be successful, because the ACL that you defined allows only the Branch router to establish sessions to switch SW1.
Step 4:
You should be successful.
12
Branch#
Exit SSH session from SW1 switch.
Step 5:
Notice that the counters for both the permit and deny statements increased. If you did not define an explicit deny statement, a remote session from PC1 would still be denied, but you would not be able to see coun
for denied remote session attempts.
SW1#show access-lists
Standard IP access list 1
10 permit 10.1.1.1 (2 matches)
20 deny
The number of matchs shown is typical. However, your values may be larger if you attempted the SSH connection more than once.
Step 6:
Enter this command on the SW1 switch:
Step 1:
Enter the following command on the Branch router:
Branch(config)#banner login #
Enter TEXT message.
13
**********
Warning
*************
Step 2:
Notice the login banner that you were presented with as you logged in.
Branch#logout
**********
Warning
*************
14
Step 3:
Enter this command on the Branch router:
Step 4:
Enter the following command on the SW1 switch:
SW1(config)#banner login #
Enter TEXT message.
**********
*************
Warning
15
***********************************************#
SW1(config)#
Step 5:
Notice the login banner that you were presented with as you logged in.
SW1#logout
**********
Warning
*************
16
Step 6:
Enter this command on the SW1 switch:
SW1>enable
Password:cisco
SW1#copy running-config startup-config
Destination filename [startup-config]? <Enter>
Building configuration...
[OK]
17