The privileged EXEC command set includes those commands contained in user EXEC mode, as well as the configure command through which access to the remaining command modes are gained.
1. Click S1 and then the CLI tab. Press Enter.
2. Enter privileged EXEC mode by entering the enable command:
Switch> enable
Switch#
3. Enter the show running-config command.
Switch# show running-config
4. Assign a name to a switch
Switch# configure terminal
Switch(config)# hostname S1
S1(config)# exit
S1#
5. To secure access to the console line, access config-line mode and set the console password to letmein.
S1# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
S1(config)# line console 0
S1(config-line)# password letmein
S1(config-line)# login
S1(config-line)# exit
S1(config)# exit
%SYS-5-CONFIG_I: Configured from console by console
S1#
6. Verify that console access is secured.
Exit privileged mode to verify that the console port password is in effect.
S1# exit
Switch con0 is now available
Press RETURN to get started.
User Access Verification
Password:
S1>
7. Secure privileged mode access.
S1> enable
S1# configure terminal
S1(config)# enable password c1$c0
S1(config)# exit
%SYS-5-CONFIG_I: Configured from console by console
S1#
8. Verify that privileged mode access is secure.
Enter the exit command again to log out of the switch.
Press <Enter> and you will now be asked for a password:
User Access Verification
Password:letmein
9. The first password is the console password you configured for line con 0. Enter this password to return to user EXEC mode.
Enter the command to access privileged mode.
Enter the second password you configured to protect privileged EXEC mode.
Verify your configurations by examining the contents of the running-configuration file:
S1# show running-config
10. Configure an encrypted password to secure access to privileged mode.
Set the enable secret password to itsasecret.
S1# config t
S1(config)# enable secret itsasecret
S1(config)# exit
S1#
11. Enter the show running-config command again to verify the new enable secret password is configured.
Note: You can abbreviate show running-config as
S1# show run
12. We will now encrypt these plain text passwords using the service password-encryption command.
S1# config t
S1(config)# service password-encryption
S1(config)# exit
13. Configure a message of the day (MOTD) banner.
S1# config t
S1(config)# banner motd "This is a secure system. Authorized Access Only!"
S1(config)# exit
%SYS-5-CONFIG_I: Configured from console by console
S1#
14. Save the Configuration File
15. Save the configuration file.
S1# copy running-config startup-config
Destination filename [startup-config]?[Enter]
Building configuration...
[OK]
16. Configure S2 with the following parameters:
17. Name device: S2
b. Configure an enable password of c1$c0 and an enable secret password of itsasecret.
c. Configure a message to those logging into the switch with the following message:
d. Authorized access only. Unauthorized access is prohibited and violators will be prosecuted to the full extent of the law.
e. Encrypt all plain text passwords.
f. Ensure that the configuration is correct.
g. Save the configuration file to avoid loss if the switch is powered down.
Switch>enable
Configure a message of the day (MOTD) banner.
S2# config t
S2(config)# banner motd "This is a secure system. Authorized Access Only!"
S2(config)# exit
%SYS-5-CONFIG_I: Configured from console by console
S2#
Switch#show running-config
Switch#configure terminal
Switch#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#hostname S2
S2(config)#exit
S2#
S2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
S2#exit
Switch con0 is now available
Press RETURN to get started.
User Access Verification
Password:
S2> enable
S2# show running-config
S2# config t
S2(config)#enable secret itsasecret
S2(config)# exit
S2# show run
S2# config t
S2(config)# service password-encryption
S2(config)# exit
S2# config t
S2(config)# banner motd "This is a secure system. Authorized Access Only!"
S2(config)# exit
%SYS-5-CONFIG_I: Configured from console by console
S2# copy running-config startup-config
Destination filename [startup-config]?[Enter]
Building configuration...
[OK]
Hasil :
Tidak ada komentar:
Posting Komentar