Packet Tracer – Configuring Initial move Settings

*
Objectives

Part 1: Verify the Default switch Configuration

Part 2: Configure a basic Switch Configuration

Part 3: Configure a MOTD Banner

Part 4: save Configuration documents to NVRAM

Part 5: Configure S2

Background

In this activity, you will certainly perform an easy switch configurations. You will secure accessibility to the command-line user interface (CLI) and console ports utilizing encrypted and also plain text passwords. Girlfriend will additionally learn just how to configure message for individuals logging into the switch. These banners are additionally used to warn unauthorized customers that accessibility is prohibited.

You are watching: What is the range of values shown for the vty lines?

Part 1: Verify the Default move Configuration

Step 1: go into privileged mode.

You can accessibility all switch commands from privileged mode. However, because many the the privileged regulates configure operating parameters, privileged access should it is in password-protected to stop unauthorized use.

The privileged EXEC command set includes those commands contained in user EXEC mode, and also the configure command through which access to the staying command settings are gained.

a. Click S1 and then the CLI tab. Press Enter

b. Go into privileged EXEC mode by entering the permit command:

Switch> enableSwitch#

Notice the the prompt readjusted in the construction to reflect privileged EXEC mode.

Step 2: study the current switch configuration.

a. Get in the present running-config command.

Switch# show running-config

b. Answer the adhering to questions:

How countless FastEthernet interfaces does the switch have? 24

How plenty of Gigabit Ethernet interfaces walk the move have?2

What is the selection of values shown for the vty lines? 0 -15

Which command will display the current components of non-volatile random-access memory (NVRAM)?

show startup-configuration

Why does the switch respond v startup-config is no present?

It displays this message because the configuration document was not conserved to NVRAM. Currently it is only situated in RAM.

Part 2: create a straightforward Switch Configuration

Step 1: entrust a surname to a switch.

To configure parameters on a switch, you might be compelled to move between various configuration modes. Notification how the prompt changes as girlfriend navigate with the switch.

Switch# configure terminalSwitch(config)# hostname S1S1(config)# exitS1#

Step 2: Secure access to the console line.

To secure accessibility to the console line, accessibility config-line setting and collection the console password to letmein.

S1# configure terminalEnter construction commands, one per line. End with CNTL/Z.S1(config)# heat console 0S1(config-line)# password letmeinS1(config-line)# loginS1(config-line)# exitS1(config)# exit%SYS-5-CONFIG_I: Configured indigenous console by consoleS1#

Why is the login command required?

In order for the password checking process to work, it needs both thelogin and password regulates

Step 3: Verify the console accessibility is secured.

Exit privileged mode to verify the the console harbor password is in effect.

S1# exitSwitch con0 is currently availablePress RETURN to obtain started.

User access VerificationPassword:S1>

Note: If the switch did no prompt you for a password, then you did not configure the login parameter in step 2.

Step 4: secure privileged mode access.

Set the allow password to c1$c0. This password protects access to privileged mode.

Note: The 0 in c1$c0 is a zero, not a capital O. This password will not grade together correct till after friend encrypt that in step 8.

S1> enableS1# configure terminalS1(config)# enable password c1$c0S1(config)# exit%SYS-5-CONFIG_I: Configured from console through consoleS1#

Step 5: Verify the privileged mode accessibility is secure.

a. Enter the departure command again come log the end of the switch.

b. Press and also you will now be asked for a password:

User accessibility VerificationPassword:

c. The an initial password is the console password you configured because that line con 0. Enter this password to go back to user EXEC mode.

d. Go into the command to access privileged mode.

e. Get in the second password friend configured to defend privileged EXEC mode.

f. Verify your configurations by analyzing the components of the running-configuration file:

S1# show running-configuration

Notice how the console and allow passwords are both in level text. This can pose a defense risk if someone is feather over your shoulder.

Step 6: Configure an encrypted password come secure accessibility to privileged mode.

The permit password have to be replaced with the more recent encrypted mystery password using the enable mystery command. Collection the enable an enig password to itsasecret.

S1# config tS1(config)# enable secret itsasecretS1(config)# exitS1#

Note: The enable secret password overrides the enable password. If both room configured on the switch, you must go into the enable an enig password to enter privileged EXEC mode.

Step 7: Verify the the enable mystery password is added to the configuration file.

a. Get in the present running-configuration command again come verify the new enable secret password is configured.

Note: You can abbreviate show running-configuration as

S1# present run

b. What is shown for the enable secret password? $1$mERr$ILwq/b7kc.7X/ejA4Aosn0

c. Why is the enable secret password displayed in different way from what us configured?

The enable secret is displayed in encrypted form, conversely, the enable password is in level text.

Step 8: Encrypt the enable and console passwords.

As you noticed in Step 7, the enable secret password to be encrypted, however the permit and console passwords to be still in level text. Us will now encrypt these plain text passwords using the company password-encryption command.

S1# config tS1(config)# service password-encryptionS1(config)# exit

If you configure any more passwords ~ above the switch, will they be presented in the configuration record as level text or in encrypted form? define why?

The business password-encryption command encrypts every current and also future passwords.

Part 3: Configure a MOTD Banner

Step 1: Configure a article of the job (MOTD) banner.

The Cisco IOS command collection includes a feature that permits you come configure messages the anyone logging top top the switch sees. This messages are referred to as message of the day, or MOTD banners. Enclose the banner message in quote or usage a delimiter different from any kind of character appearing in the MOTD string.

S1# config tS1(config)# banner motd “This is a for sure system. Authorized accessibility Only!”S1(config)# exit%SYS-5-CONFIG_I: Configured native console by consoleS1#

When will this banner be displayed?

The article will be presented when someone enters the switch with the console port.

Why have to every switch have actually a MOTD banner?

Every switch should have actually a banner to warn unauthorized users that access is prohibited yet can likewise be offered for sending out messages come network personnel/technicians (such as unavoidable system shutdowns or who to contact for access)

Part 4: conserve Configuration files to NVRAM

Step 1: Verify that the configuration is accurate using the present run command.Step 2: save the configuration file.

You have completed the simple configuration the the switch. Now ago up the to run configuration document to NVRAM to ensure the the transforms made room not lost if the device is rebooted or loser power.

S1# copy running-config startup-configDestination filename ?Building configuration…

What is the shortest, abbreviated variation of the copy running-config startup-config command? cop r s

Step 3: research the startup configuration file.

Which command will display the materials of NVRAM? display startup-config

Are every the alters that were entered recorded in the file? Yes, that is the same as the running configuration.

Part 5: Configure S2

You have completed the configuration on S1. Friend will currently configure S2. If you can not remember the commands, refer to parts 1 to 4 because that assistance.

Configure S2 through the complying with parameters:

a. Surname device: S2

b. Protect access to the console using the letmein password.

c. Configure an enable password of c1$c0 and also an enable an enig password that itsasecret.

d. Configure a message to those logging right into the switch with the following message:

Authorized accessibility only. Unauthorized access is prohibited and violators will be prosecuted to the full extent of the law.

e. Encrypt all plain text passwords.

f. Ensure that the construction is correct.

See more: What Statement Describes The Function Of The Address Resolution Protocol?

g. Conserve the configuration paper to stop loss if the switch is powered down.

Switch> enableSwitch# config tEnter configuration commands, one every line. End with CNTL/Z.Switch(config)# hostname S2S2(config)# heat console 0S2(config-line)# password letmeinS2(config-line)# loginS2(config-line)# enable password c1$c0S2(config)# enable mystery itsasecretS2(config)# banner motd $any message here$S2(config)# company password-encryptionS2(config)# carry out copy running-config startup-config

Suggested Scoring Rubric
*
Instructions:

Switch 1 – S1

Switch>enableSwitch#configure terminalSwitch(config)#hostname S1S1(config)#line console 0S1(config-line)#password letmeinS1(config-line)#loginS1(config-line)#exitS1(config)#exitS1#configure terminalS1(config)#enable password c1$c0S1(config)#exitS1#configure terminalS1(config)#ena sec itsasecretS1(config)#exitS1(config)#service password-encryptionS1(config)#exitS1#configure terminalS1(config)#banner motd #This is a certain system. Authorized access Only!#S1(config)#exitS1#copy running-config startup-config

Switch 2 – S2

Switch>enableSwitch#configure terminalSwitch(config)#hostname S2S2(config)#line console 0S2(config-line)#password letmeinS2(config-line)#loginS2(config-line)#exitS2(config)#exitS2#configure terminalS2(config)#enable password c1$c0S2(config)#exitS2#configure terminalS2(config)#ena sec itsasecretS2(config)#exitS2(config)#service password-encryptionS2(config)#exitS2#configure terminalS2(config)#banner motd #Authorized access only. Unauthorized access is prohibited and also violators will be prosecuted to the full level of the law.#S2(config)#exitS2#copy running-config startup-config