CCNA LAB

How to configure different types of security on Router? How to set passwords on Router?

In this article, we will learn the different ways of setting a password on the Cisco router with the help of cisco packet tracer lab. But first, the question arises that Why we need to put different types of security for different users? From the point of view of the running status of the network is very important. Somehow it stops or fails then it can cause a big data loss for the company. It becomes very important to keep all data safe. Someone can willingly harm the router or can theft the data of the company and can also do a cyber attack on the company database. Sometimes it may be due to technical error or human error. So to prevent data loss from willing actions company set password protection on the router so that no one can harm or theft any data of the company without the knowledge of passwords.

This article is all about the security of the router. Here we will learn the security of Auxiliary Port, Console Port, Enable Mode protection in Router and also the security of Telnet on Router. I will tell you all info about security by showing it on Cisco Packet Tracer Lab which is given below so watch it very carefully and then understand all concept of security step by step.

Topology Diagram of Router Security.

Port based security on Router.

Port-based security on Router.

In the Topology diagram, I have 2 routers and each router has 1-1 switch with 2 PCs for both. Here I’ll configure Auxiliary password protection on Router0 and Console Port protection for Router1 and also will configure Telnet Password protection for both the routers. Besides this, I’ll configure enable password and enable secret protection for both the routers. Here I’ll also tell you about which protection is good for security purpose.

Let’s start configuring security in Router. Watch each and every step with deep eyes –

Assign an IP address to interfaces are required as shown in the Topology.

Command for Router0 

Router0>enable

Router0#conf t

Enter configuration commands, one per line. End with CNTL/Z.  

Router0(config)#interface FastEthernet0/0

Router0(config-if)#ip address 1.0.0.1 255.0.0.0

Router0(config-if)#exit  
Router0(config)#interface FastEthernet0/0 

Router0(config-if)#ip address 2.0.0.1 255.0.0.0 

Router0(config-if)#exit

 

Command for Router1

Router0>enable 

Router0#conf t 

Enter configuration commands, one per line. End with CNTL/Z.  

Router0(config)#interface FastEthernet0/0 

Router0(config-if)#ip address 3.0.0.1 255.0.0.0 

Router0(config-if)#exit

Router0(config)#interface FastEthernet0/0 

Router0(config-if)#ip address 2.0.0.2 255.0.0.0 

Router0(config-if)#exit

Assign static IPs to all PCs.

How to Configure security in Enable mode

Router0(config)#enable password deepakacademy

Now save your router setting and reload router then check whether the router asks for password on startup? If it asks for password then you have successfully configured enable mode security by putting a password on startup of the router.

Note – Enable password protection deems as weak security protection because anyone can know the password after entering in the router configuration setting. It is very easy to find the password of enable mode.  You can also check this password by putting below command in configure terminal mode

Router#show run

Building configuration...

Current configuration: 640 bytes

version 12.4

no service timestamps log datetime msec

no service timestamps debug datetime msec

no service password-encryption

hostname Router

enable password deepakacademy

 

How to Configure security with Enable secret Command?

Router0(config)#enable secret academydeepak

This method of security is treated as the securest method of protection. Because in this method password is encrypted in the unreadable form. A normal user can’t decrypt this encrypted password. You can it by putting show run command.

Router#show run

Building configuration...

Current configuration : 687 bytes

version 12.4

no service timestamps log datetime msec

no service timestamps debug datetime msec

no service password-encryption

hostname Router

enable secret 5 $1$mERr$CY.U82JTvpQlkhEMWPWEW.

 

How to Configure security for Auxiliary Port?  

What is Auxiliary Port? What is the use of Auxiliary Port?

The Auxiliary Port in router works as the backup async port. It functions as backup syncing port for the router.  The purpose to set an Auxiliary port router is to connect the router with another modem. This modem can be worked for backup demand-dial connection to another location.

Router0(config)#line aux 0

Router0(config-line)#password deepakacademy

Router0(config-line)#login

Also Read :

  1. How to configure Router as DHCP Server?
  2. How to backup router data through FTP Server?
  3. How to configure Syslog Server?

How to Configure security for Console Port?   

What is Console Port in Router? Why we need console port in the router?

As we know, Router and switch are physical devices. there is no existence of display or screen so that we can configure its settings. So for this we have a method to configure settings on router and switch. So basically the console port is used to connect computer or laptop directly to the router.

Router0(config)#line console 0

Router0(config-line)#password deepakacademy

Router0(config-line)#login

How to secure Telnet  on Router

What is Telnet? Why telnet is required?

Telnet is a remote login program which helps us to manage any device remotely. So, we configure Telnet services on a router to access it from anywhere remotely. If you are at a remote location and you want to configure, manage and monitor to your router from a remote location. Then you can control your router remotely through telnet without your physical presence actually where your router is.

Router1(config)#enable password deepakacademy   

Router1(config)#username user1 password user1

Router1(config)#username user2 password user2

Router1(config)#line vty 0 4 

Router1(config-line)#password ccna 

Router1(config-line)#login local 

Router1(config-line)#exit

In this post, we have learnt the different ways of setting a password on the Cisco router. Here we learned the security of Auxiliary Port, Console Port, Enable Mode protection in Router and also the security of Telnet on Router. Guys if you have doubt or any query with this post then don’t hesitate to contact me. And if you have any suggestion for me then please write to me the comment box. If you like my posts please share it with your friends.

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s