ConnecL Lhe console or rollover cable Lo Lhe console porL on Lhe rouLer ConnecL Lhe crossover cable beLween Lhe hosL compuLer's neLwork lnLerface card (nlC) and 8ouLer lnLerface la0/0 ConnecL a sLralghLLhrough cable beLween Lhe 8ouLer lnLerface la0/1 and any of Lhe swlLch's lnLerfaces Lnsure LhaL power has been applled Lo Lhe hosL compuLer swlLch and rouLer Step 2 Connect host computer to router through 1 1erm|na| SLarL Lhe 1 1ermlnal program by cllcklng on PosL1 | ueskLop 1ab | 1ermlnal Leave all values aL defaulL when you cllck Lermlnal Step 3 Conf|gure g|oba| conf|gurat|on hostname sett|ng WhaL Lwo commands may be used Lo leave Lhe prlvlleged exec mode? WhaL shorLcuL command can be used Lo enLer Lhe prlvlleged exec mode? Lxamlne Lhe dlfferenL conflguraLlon modes LhaL can be enLered wlLh Lhe command conflgure? WrlLe down Lhe llsL of conflguraLlon modes and descrlpLlon lrom Lhe prlvlleged exec mode enLer global conflguraLlon mode router# conf|gure term|na| router(conf|g)# WhaL Lhree commands may be used Lo leave Lhe global conflguraLlon mode and reLurn Lo Lhe prlvlleged exec mode? WhaL shorLcuL command can be used Lo enLer Lhe global conflguraLlon mode? SeL Lhe devlce hosLname Lo 8ouLer1 router(conf|g)# hostname kouter1 kouter1(conf|g)# Pow can Lhe hosLname be removed? Step 4 Conf|gure a MC1D banner ln producLlon neLworks banner conLenL may have a slgnlflcanL legal lmpacL on Lhe organlzaLlon lor example a frlendly Welcome" message may be lnLerpreLed by a courL LhaL an aLLacker has been granLed permlsslon Lo hack lnLo Lhe rouLer A banner should lnclude lnformaLlon abouL auLhorlzaLlon penalLles for unauLhorlzed access connecLlon logglng and appllcable local laws 1he corporaLe securlLy pollcy should provlde pollcy on all banner messages CreaLe a sulLable MC1u banner Cnly sysLem admlnlsLraLors of Lhe A8C Company are auLhorlzed access unauLhorlzed access wlll be prosecuLed and all connecLlon lnformaLlon wlll be logged Lxamlne Lhe dlfferenL banner modes LhaL can be enLered WrlLe down Lhe llsL of banner modes and descrlpLlon kouter1(conf|g)# banner ? Choose a LermlnaLlng characLer LhaL wlll noL be used ln Lhe message LexL Conflgure Lhe MC1u banner 1he MC1u banner ls dlsplayed on all connecLlons before Lhe logln prompL use Lhe LermlnaLlng characLer on a blank llne Lo end Lhe MC1u enLry kouter1(conf|g)# banner motd Lnter 1Lk1 message Lnd w|th the character *** Unauthor|zed access |s proh|b|ted and w||| be prosecuted *** kouter1(conf|g)# WhaL ls Lhe global conflguraLlon command Lo remove Lhe MC1u banner? At the end of th|s task your comp|et|on rate shou|d be 30 1ask 2 Conf|gure C|sco router password access Access passwords are seL for Lhe prlvlleged exec mode and user enLry polnL such as console aux and vlrLual llnes 1he prlvlleged exec mode password ls Lhe mosL crlLlcal password slnce lL conLrols access Lo Lhe conflguraLlon mode Step 1 Conf|gure the pr|v||eged exec password Clsco lCS supporLs Lwo commands LhaL seL access Lo Lhe prlvlleged exec mode Cne command enable password conLalns weak crypLography and should never be used lf Lhe enable secreL command ls avallable 1he enable secreL command uses a very secure Mu3 crypLographlc hash algorlLhm Clsco says As far as anyone aL Clsco knows lL ls lmposslble Lo recover an enable secreL based on Lhe conLenLs of a conflguraLlon flle (oLher Lhan by obvlous dlcLlonary aLLacks)" assword securlLy relles on Lhe password algorlLhm and Lhe password ln producLlon envlronmenLs sLrong passwords should be used aL all Llmes A sLrong password conslsLs of aL leasL nlne characLers of upper and lower case leLLers numbers and symbols ln a lab envlronmenL we wlll use weak passwords SeL Lhe prlvlleged exec password Lo class kouter1(conf|g)# enab|e secret c|ass kouter1(conf|g)# Step 2 Conf|gure the conso|e password SeL Lhe console access password Lo clsco 1he console password conLrols console access Lo Lhe rouLer kouter1(conf|g)# ||ne conso|e 0 kouter1(conf|g||ne)# password c|sco kouter1(conf|g||ne)# |og|n WhaL ls Lhe command Lo remove Lhe console password? Step 3 Conf|gure the v|rtua| ||ne password SeL Lhe vlrLual llne access password Lo clsco 1he vlrLual llne password conLrols 1elneL access Lo Lhe rouLer ln early Clsco lCS verslons only flve vlrLual llnes could be seL 0 Lhrough 4 ln newer Clsco lCS verslons Lhe number has been expanded unless a LelneL password ls seL access on LhaL vlrLual llne ls blocked kouter1(conf|g||ne)# ||ne vty 0 4 kouter1(conf|g||ne)# password c|sco kouter1(conf|g||ne)# |og|n lssue Lhe command exlL WhaL ls Lhe rouLer prompL? WhaL ls Lhe mode? kouter1(conf|g||ne)# ex|t lssue Lhe command end WhaL ls Lhe rouLer prompL? WhaL ls Lhe mode? At the end of th|s task your comp|et|on rate shou|d be 43 1ask 3 Conf|gure C|sco kouter Interfaces Step 1 Conf|gure the router fa0]0 |nterface w|th the |ast usab|e address |n the second subnet (Subnet 1 |n the address chart) kouter1(conf|g)# |nterface fa0]0 kouter1(conf|g|f)# descr|pt|on Connect|on to nost1 w|th crossover cab|e kouter1(conf|g|f)# |p address ff kouter1(conf|g|f)# no shutdown kouter1(conf|g|f)# end kouter1# ook for the |nterface to become act|ve *Mar 24 19S8S9602 INLkC1CSUDCWN |ne protoco| on Interface IastLthernet0]0 changed state to up Step 2 Conf|gure the router Ia0]1 |nterface w|th the |ast usab|e address |n the th|rd subnet (Subnet 2 |n the address chart) kouter1(conf|g)# |nterface fa0]1 kouter1(conf|g|f)# descr|pt|on Connect|on to sw|tch w|th stra|ghtthrough cab|e kouter1(conf|g|f)# |p address ff kouter1(conf|g|f)# no shutdown kouter1(conf|g|f)# end kouter1# ook for the |nterface to become act|ve *Mar 24 19S8S9602 INLkC1CSUDCWN |ne protoco| on Interface IastLthernet0]1 changed state to up Step 3 Conf|gure the host computer Conflgure Lhe hosL compuLer for LAn connecLlvlLy 8ecall LhaL Lhe LAn conflguraLlon wlndow ls accessed by cllcklng Lhe C golng Lo Lhe ueskLop Lab and Lhen cllcklng l conflguraLlons llll ln Lhe followlng flelds l Address 1he flrsL hosL address ln Lhe second subneL (SubneL 1 ln Lhe address charL) SubneL Mask 1he subneL mask uefaulL CaLeway 1he lasLLLherneL 0/0 l Address on 8ouLer1 Step 4 Ver|fy network connect|v|ty use Lhe plng command Lo verlfy neLwork connecLlvlLy wlLh Lhe rouLer lf plng replles are noL successful LroubleshooL Lhe connecLlon WhaL Clsco lCS command can be used Lo verlfy Lhe lnLerface sLaLus? WhaL Wlndows command can be used Lo verlfy hosL compuLer conflguraLlon? WhaL ls Lhe correcL LAn cable beLween hosL1 and 8ouLer1? At the end of th|s task your comp|et|on rate shou|d be 83 1ask 4 Save the kouter Conf|gurat|on I||e Clsco lCS refers Lo 8AM conflguraLlon sLorage as runnlngconflguraLlon and nv8AM conflguraLlon sLorage as sLarLupconflguraLlon lor conflguraLlons Lo survlve rebooLlng or power resLarLs Lhe 8AM conflguraLlon musL be copled lnLo nonvolaLlle 8AM (nv8AM) 1hls does noL occur auLomaLlcally nv8AM musL be manually updaLed afLer any changes are made Step 1 Compare router kAM and NVkAM conf|gurat|ons use Lhe Clsco lCS show command Lo vlew 8AM and nv8AM conflguraLlons WrlLe down one posslble shorLcuL command LhaL wlll dlsplay Lhe conLenLs of nv8AM ulsplay Lhe conLenLs of nv8AM lf Lhe ouLpuL of nv8AM ls mlsslng lL ls because Lhere ls no saved conflguraLlon kouter1# show startupconf|g startupconf|g |s not present kouter1# D|sp|ay the contents of kAM kouter1#show runn|ngconf|g use Lhe ouLpuL Lo answer Lhe followlng quesLlons Pow large ls Lhe conflguraLlon flle? WhaL ls Lhe enable secreL password? uoes your MC1u banner conLaln Lhe lnformaLlon you enLered earller? uo your lnLerface descrlpLlons conLaln Lhe lnformaLlon you enLered earller? WrlLe down one posslble shorLcuL command LhaL wlll dlsplay Lhe conLenLs of 8AM Step 2 Save kAM conf|gurat|on to NVkAM lor a conflguraLlon Lo be used Lhe nexL Llme Lhe rouLer ls powered on or reloaded lL musL be manually saved ln nv8AM Save Lhe 8AM conflguraLlon Lo nv8AM kouter1# copy runn|ngconf|g startupconf|g Dest|nat|on f||ename startupconf|g? 8u||d|ng conf|gurat|on Ck kouter1# WrlLe down one posslble shorLcuL command LhaL wlll copy Lhe 8AM conflguraLlon Lo nv8AM 8evlew Lhe conLenLs of nv8AM and verlfy LhaL Lhe conflguraLlon ls Lhe same as Lhe conflguraLlon ln 8AM At the end of th|s task your comp|et|on rate shou|d be 83 1ask S Conf|gure a C|sco Sw|tch Clsco lCS swlLch conflguraLlon ls (Lhankfully) slmllar Lo conflgurlng a Clsco lCS rouLer 1he beneflL of learnlng lCS commands ls LhaL Lhey are slmllar Lo many dlfferenL devlces and lCS verslons Step 1 Connect the host to the sw|tch Move Lhe console or rollover cable Lo Lhe console porL on Lhe swlLch Lnsure power has been applled Lo Lhe swlLch ln PyperLermlnal press LnLer unLll Lhe swlLch responds Step 2 Conf|gure g|oba| conf|gurat|on hostname sett|ng uependlng on rouLer model and lCS verslon your conflguraLlon may look sllghLly dlfferenL Powever Lhere should be no conflgured passwords lf your rouLer does noL have a defaulL conflguraLlon ask Lhe lnsLrucLor Lo remove Lhe conflguraLlon lrom Lhe user exec mode enLer global conflguraLlon mode Sw|tch en Sw|tch# conf|g t Sw|tch(conf|g)# Set the dev|ce hostname to Sw|tch1 Sw|tch(conf|g)# hostname Sw|tch1 Sw|tch1(conf|g)# Step 3 Conf|gure the MC1D banner CreaLe a sulLable MC1u banner Cnly sysLem admlnlsLraLors of Lhe A8C company are auLhorlzed access unauLhorlzed access wlll be prosecuLed and all connecLlon lnformaLlon wlll be logged Conflgure Lhe MC1u banner 1he MC1u banner ls dlsplayed on all connecLlons before Lhe logln prompL use Lhe LermlnaLlng characLer on a blank llne Lo end Lhe MC1u enLry lor asslsLance revlew Lhe slmllar sLep for conflgurlng a rouLer MC1u banner Sw|tch1(conf|g)# banner motd Warn|ng author|zed access on|y Step 4 Conf|gure the pr|v||eged exec password SeL Lhe prlvlleged exec password Lo class Sw|tch1(conf|g)# enab|e secret c|ass Sw|tch1(conf|g)# Step S Conf|gure the conso|e password SeL Lhe console access password Lo clsco Sw|tch1(conf|g)# ||ne conso|e 0 Sw|tch1(conf|g||ne)# password c|sco Sw|tch1(conf|g||ne)# |og|n Step 6 Conf|gure the v|rtua| ||ne password SeL Lhe vlrLual llne access password Lo clsco 1here are 16 vlrLual llnes LhaL can be conflgured on a Clsco lCS swlLch 0 Lhrough 13 Sw|tch1(conf|g||ne)# ||ne vty 0 1S Sw|tch1(conf|g||ne)# password c|sco Sw|tch1(conf|g||ne)# |og|n At the end of th|s task your comp|et|on rate shou|d be 100