CCNA learning - management router switch

CPU name:

To set the identity of the router, we can use the command hostname. This only affects local, that will not affect how the router performs name lookup

Router#config t  (进入特权模式)
Enter configuration commands , one per 1ine. End with CNTL/Z.
Router(config)#hostname Todd  (改名Todd)
Todd(config)#hostname At1anta (改名Atlanta)
At1anta(config)#hostname Todd  (改名Todd)
Todd(config)#

set password:

Cisco router security password is used to ensure that there are five kinds: console password, auxiliary port password, Telnet (VTY) password, enable password (enable) and Enable encryption password (enable secret). Enable password and enable secret password to control access to privileged user mode, when the user executes enable command asked him to provide a password. Other three kinds of passwords for controlling the user through the console port, an auxiliary port, and Telnet enters user mode.

The following details each password.

1. Enable password

Password setting is enabled, as shown in global configuration mode:

Todd(config)#enable ?
**last-resort **                   Define enable action if no TACAC5 servers respond
**password**               Assign the privileged level password
**secret**                      Assign the privileged level secret
**use-tacacs**             Use TACAC5 to check enable passwords

Enable command parameters are as follows.
last-resort use TACACS server for authentication, but the server is unavailable, so you can still access the router; if TACACS server is available, this code will not work.
\ the n-
password Enable password set on the old system prior to 10.3, if you set a password encryption is enabled, the password will not work.
\ the n-
Secret newer encryption password, if set, takes precedence over the enable password.
use-tacacs let the router using a TACACS server for authentication. If there are dozens or more routers, which will be very convenient, after all, who would want to change the password on all of these routers? And when using TACACS server, you need only modify a password.
\ n
Here is an example to enable password settings:

Todd(config)#enable secret todd  (enable加密密码修改为：todd)
Todd(config)#enable password todd(enable密码修改为：todd)
The enable password you have chosen is the same as your
      enable secret. This is not recommended. Re-enter the
      enable password.

If you enable encryption password and enable password set to the same router will remind you to change the second password. If you do not use the old router, you do not need to use the enable password.
\ n
enter user mode password is set using the command 1ine:

Todd(config)#line ?
<0-337>         First Line number
aux                 Auxiliary line
console         Primary terminal line
tty                   Terminal controller
vty                  Virtual terminal

Here are the parameters involved in the CCNA exam.
aux auxiliary port user-mode code. Auxiliary ports are typically used to connect the modem to the router, but can also be used as a console port.
console settings console port user mode password.
vty set user access code via Telnet mode. If no such password is set, the default is not connected to the router via Telnet.
\ n
To configure user mode password, you can configure the appropriate line, and let the router using the command login to authenticate
\ n

2. The auxiliary port password

To configure the auxiliary port password, enter the global configuration mode and enter the line aux?. From the following output shows that you have only one option, that is 0, it is because there is only one auxiliary port:

Todd#config t
Enter configuration commands , one per line. End with CNTL/Z.
Todd(config)#line aux ?
         <0-0> First Line number
Todd(config)#line aux 0
Todd(config-line)#login
% Login disabled on line 1 , until 'password' is set
Todd(config-line)#password aux
Todd(config-line)#login

Do not forget to execute the command login, or auxiliary port will not be authenticated.
Front line to set a password, do not allow the implementation of the Cisco command login, because there is no password If after performing the command login, the line will not be available it will prompt the user for a password eleven non-existent

3.Telnet password

If the router is not running Cisco IOS Enterprise Edition, it will default to five VTY lines: 0-4. But if you are running Enterprise Edition, the line will be much more. To learn how many lines, the best way is to use a question mark:

Todd(config)#line vty 0 ?
  <1-15>  Last Line number
  <cr>
Todd(config)#line vty 0 15  (进入0-15)
Todd(config-line)#password telnet (设置密码为：telnet)
Todd(config-line)#login (登陆)
Todd(config-line)#

If no VTY password, you will be denied when attempting to login remote login, as follows:

Todd#  telnet SFRouter
Trying SFRouter (10.0.0.1)_Open
Password required , but none set
[Connection to SFRouter closed by foreign host]
Todd#

We can let the router is not set Telnet password is also allowed to establish a Telnet connection, use the no login command:
SFRouter (config-Line) #line vty 0 4
SFRouter (config-Line) #no the Login

We do not recommend using the no login because of insecurity