Switch# configure terminal
Switch(config)# hostname S1
S1(config)# exitSwitch# configure terminal
Switch(config)# security passwords min-length 10
Switch(config)# !* for a 10 password lengthSwitch> enable
Switch# configure terminal
Switch(config)# enable password class
Switch(config)# exitSwitch> enable
Switch# configure terminal
Switch(config)# enable secret class
Switch(config)# exitRestricted access to the console port.
Switch(config)# line console 0
Switch(config-line)# password cisco
Switch(config-line)# logging synchronous
Switch(config-line)# !* Prevent console messages from aborting commands
Switch(config-line)# login !* Impose the use of the passwordPassword must be set to access device through telnet.
Switch(config)# line vty 0 4 !* or 0 15
Switch(config-line)# password cisco
Switch(config-line)# logging synchronous
Switch(config-line)# !* Prevent console messages from aborting commands
Switch(config-line)# login !* Impose the use of the passwordSwitch(config)# service password-encryptionFormat
Switch(config)# banner motd # Your message #Example:
Switch(config)# banner motd #
Enter TEXT message. End with the character '#'.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ @
@ This is a secure network ! @
@ No access authorized ! @
@ @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
#
Switch(config)#RQ: it won't be saved with the config !!!
Switch# clock set 12:06:30 29 November 2016
Switch# show clock
12:6:33.623 UTC Tue Nov 29 2016
Switch#Disables the default behavior of the device of attempting to resolve the invalid command into an IP address.
Switch(config)# no ip domain-lookupTo use SSH, IOS has to be a 'K9' version. That means that the cryptography is taken over.
This command is accessible from the User and Privileged Modes.
Switch> show ip ssh
^
% Invalid input detected at '^' marker.
Switch>Switch> show ip ssh
SSH Disabled - version 1.99
%Please create RSA keys (of atleast 768 bits size) to enable SSH v2.
Authentication timeout: 120 secs; Authentication retries: 3
Switch>Switch> show ip ssh
SSH Enabled - version 1.99
Authentication timeout: 75 secs; Authentication retries: 2
Switch>Switch(config)# ip domain-name myDomainExample:
Switch(config)# ip domain-name CCNA-Lab.comSwitch(config)# username myName (privilege 0-15) secret myPassExample:
Switch(config)# username admin privilege 15 secret sshadminSwitch(config)# line vty 0 15
Switch(config-line)# transport input ssh
Switch(config-line)# login localHere we'll choose a modulus of 1024 bits
Switch(config)# crypto key generate rsa
The name for the keys will be: S1.CCNA-Lab.com
Choose the size of the key modulus in the range of 360 to 2048 for your
General Purpose Keys. Choosing a key modulus greater than 512 may take
a few minutes.
How many bits in the modulus [512]: 1024
% Generating 1024 bit RSA keys, keys will be non-exportable...[OK]
Switch(config)#Switch(config)# ip ssh version 2Switch(config)# ip ssh time-out 75Switch(config)# ip ssh authentication-retries 2Switch# show ip ssh
SSH Enabled - version 2.0
Authentication timeout: 75 secs; Authentication retries: 2Switch# show ssh
%No SSHv2 server connections running.
%No SSHv1 server connections running.Format
SSH -l username IPAddressExample:
The used password is sshadmin.
C:\>SSH -l admin 172.16.99.11
Open
Password:
S1>sh ip ssh
SSH Enabled - version 2.0
Authentication timeout: 75 secs; Authentication retries: 2
S1>exit
[Connection to 172.16.99.11 closed by foreign host]
C:\>Switch# show ip interface briefOptions:
Switch(config)# interface FastEthernet 0/1
Switch(config-if)# duplex full
Switch(config-if)# endOptions:
Switch(config)# interface FastEthernet 0/1
Switch(config-if)# speed 100
Switch(config-if)# !* the speed is 100 Mbps
Switch(config-if)# endRQ: To use this option, the speed and the duplex have to be auto.
Switch(config)# interface FastEthernet 0/1
Switch(config-if)# duplex auto
Switch(config-if)# speed auto
Switch(config-if)# mdix auto
Switch(config-if)# endThe MAC address is 0060.3e71.9902.
Switch# show interfaces GigabitEthernet 0/1
GigabitEthernet0/1 is up, line protocol is up (connected)
Hardware is CN Gigabit Ethernet, address is 0060.3e71.9902 (bia 0060.3e71.9902)
Internet address is 172.16.99.1/24
MTU 1500 bytes, BW 1000000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 100Mb/s, media type is RJ45
output flow-control is unsupported, input flow-control is unsupported
ARP type: ARPA, ARP Timeout 04:00:00,
Last input 00:00:08, output 00:00:05, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0 (size/max/drops); Total output drops: 0
Queueing strategy: fifo
Output queue :0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
0 watchdog, 1017 multicast, 0 pause input
0 input packets with dribble condition detected
0 packets output, 0 bytes, 0 underruns
0 output errors, 0 collisions, 1 interface resets
0 unknown protocol drops
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
Switch#