Welcome to our Online Store!

Cisco Router Security Configuration Commands

2018-05-23 10:01:11

[Article summary] Which command criteria do you want Cisco to use on each router? Each administrator has its own "correct" configuration of each router's commands. The ten commands in this article are that I think you should configure on every router, there is no special order. Is there a standard for which commands you want Cisco to use on each router? Each administrator has its own "correct" configuration of each router's commands. The ten commands in this article are what I think you should configure on each router. There is no special order.

1. Configure a login account on the router.

Cisco Router I strongly configure a real user name and password account on the router and switch. Doing this means that you need users and passwords to gain access.

Other than that, I use a secret password for the username instead of just a regular password. It uses MD5 encryption to encrypt passwords and greatly improves security. Here are some examples:

Router(config)#usernamerootsecretMy$Password

After configuring the username, you must enable the port that uses that username. Here are some examples:

Router(config)#linecon0

Router(config-line)#loginlocal

Router(config)#lineaux0

Router(config-line)#loginlocal

Router(config)#linevty04

Router(config-line)#loginlocal

2. A host name

I guess the default host name on the router is router. You can keep this default, and the router will work as normal. However, it makes sense to rename the router and uniquely identify it. For example:

Router(config)#hostnameRouter-Branch-23

In addition, you can configure a domain name on the router so that it knows which DNS domain it is in. in. Here are some examples:

Router-Branch-23(config)#ipdomainnameTechRepublic.com

3. Setting a password for entry mode

When it comes to setting entry mode Many people think of using the enablepassword command when they have a password. However, instead of using this command, I strongly recommend using the enablesecret command.

This command encrypts the password using the MD5 encryption method, so the prompt is not displayed. For example:

Router(config)#enablesecretMy$Password

4. Encrypting Router Passwords

The Cisco router does not encrypt passwords by default in the configuration. However, you can easily change this. For example:

Router(config)#servicepassword-encryption

5. Disabling Web Services

Cisco routers are also enabled for Web services by default. It is a security risk. If you do not plan to use it, it is best to turn it off. Here are some examples:

Router(config)#noiphttpserver

Address: Room110,No.389 Jinwan Road,Shanghai,China

Email: daisy.dai@ccitel.com
service time: 7x24 hour

CCIT ICT PRODUCTS