1. Telnet is enabled by default on a Cisco switch/router and stays enabled until you disable it manually, so you must turn it off yourself.
2. RTR-01>enable
3. RTR-01#conf t
4. RTR-01(config)#line vty 0 15
5. RTR-01(config-line)#transport input ssh
a. This transport command tells the switch/router to accept only SSH connections.
6. RTR-01(config-line)#end
7. RTR-01#write
This blog consists of configurations and processes I have performed in a lab environment. In no way do I recommend or imply these processes need to be followed or are the correct way to execute on any network. Perform at your own risk. Also, please feel free to leave comments if my configurations are too old/need updating.
Thursday, January 27, 2022
Disable Telnet on Cisco Switch and Router
Wednesday, January 26, 2022
Change SSH Version
1. When you enable SSH, it might default to a version number that you are not running or do not wish to run. Make sure to enable the correct version.
2. First, you can find out which version you are running by doing the following:
a. RTR-01>enable
b. RTR-01#show run | include ssh version
i. Here it will show you which version of SSH you are running
ii. You can also just type RTR-01#show ip ssh
3. Next, you can change your version of SSH
a. RTR-01>enable
b. RTR-01#conf t
c. RTR-01(config)#ip ssh version YOUR_DESIRED_VERSION
d. RTR-01(config)#end
e. RTR-01#write
i. Or copy running-config startup-config
4. Now, verify your version number:
a. RTR-01#show ip ssh
b. Or you can type: RTR-01#show run | include ssh version
Monday, January 17, 2022
Create User and Password for Cisco Device
1. First, you will need to determine if you want a normal user, or an admin user. The following is for a normal user:
a. >enable
b. #conf t (configure terminal)
c. (config)#username YOUR_USER_NAME secret USER_PASSWORD
2. If you wish to create an admin user, the following can be done:
a. >enable
b. #conf t
c. (config)#username YOUR_USER_NAME privilege 15 secret USER_PASSWORD
3. Finally, you will need to enable logins into the switch/router by doing the following:
a. >enable
b. #conf t
c. (config)#enable secret DESIRED_PASSWORD_HERE
i. This will start requiring a password on the switch/router: enable secret sets the password you are prompted for when entering privileged EXEC (enable) mode.
4. You have now created a basic lockdown on your Cisco device. Again, this is just super basic, utilizing Cisco's built-in local login database.
5. You can enable the local database (if you have not already) this way:
a. For the console line:
b. >enable
c. #conf t
d. (config)#line con 0
e. (config-line)#login local
f. And finally for your VTY lines:
g. >enable
h. #conf t
i. (config)#line vty 0 15
j. (config-line)#login local
6. The main thing you need here is the login local command. This tells the switch/router to use the local user database to log in.