How to Configure CISCO Router Password?

Passwords are used to restrict access to a CISCO router. Passwords can be given to the virtual terminal lines and the console line. Moreover, password can be set privileged EXEC mode. This page will provide the information to set up CISCO router password to virtual terminal lines, console lines and privileged mode. Even more, you will learn how to encrypt the password also.

Why console password is required?

Console password is useful on a network on which multiple people have to access to the router. The persons who are not authorized, can't access the router. Thus it prevents unauthorized person from accessing the router.

Configuring console password of a CISCO routers:

1. Enter global configuration mode of the CISCO router.
2. Put the command line console 0 to the router.
3. Provide the password by using password command. For example, if you want to put password "cisco" then the command will be password cisco.
4. At last, put the command login.

Commands for configuring console password

Router>enable

Router#config t

Enter configuration commands, one per line.  End with CNTL/Z.

Router(config)#line console 0

Router(config-line)#password cisco

Router(config-line)#login

Router(config-line)#

Why virtual terminal password is required?

Virtual terminal password refers to telnet password. Through telnet, you can access the router and can change anything. So, it's really important to protect the use of telnet by giving a strong password.

Configuring virtual terminal password of a CISCO router:

Different hardware has different no of vty lines defined. Cisco has the range 0 to 4 vty lines. It means it has 5 vty lines. You can set the password of vty lines by the following steps:

1. Enter global configuration mode of the CISCO router.
2. Put the command line vty 0 4 to the router.
3. Provide the password by using password command. For example, if you want to put password "cisco" then the command will be password cisco.
4. At last, put the command login.

Commands for configuring virtual terminal password

Router>enable

Router#configure terminal

Enter configuration commands, one per line.  End with CNTL/Z.

Router(config)#line vty 0 4

Router(config-line)#password cisco

Router(config-line)#login

Router(config-line)#

Why enable password is required?

Enable password is required to restrict the access of privileged EXEC mode.

Configuring enable password of a CISCO router:

From the global configuration mode, use the command enable password to restrict access to privileged EXEC mode. However, this password is visible in the routers configuration file. To encrypt the password, enable secret command is required. By using enable secret command the password is encrypted and can't be readable to a human.

Commands for configuring enable password

Enable password:

Router>enable

Router#config

Router#configure terminal

Enter configuration commands, one per line.  End with CNTL/Z.

Router(config)#enable password cisco

Router(config)#

Perform password encryption:

Router>enable

Router#config

Router#configure terminal

Enter configuration commands, one per line.  End with CNTL/Z.

Router(config)#enable secret cisco

Router(config)#

How to encrypt all the CISCO router password?

By default all the passwords of a CISCO router is readable in clear text in the configuration file. This is a great security threat if someone read it and configure or change the router configuration. So, to protect form display the password, service password-encryption command is used to encrypt the passwords. Service password-encryption is a global command and encrypt the passwords:

• enable password
• console password
• vty password
• aux password

By following the above steps you can easily configure CISCO router passwords.

More Cisco ROUTER INFO:
cisco 1900 router modules, cisco router 1900 modules, Cisco 1900 accessories power

EIGRP Neighborship Troubleshooting

As was shown in the OSPF neighborship troubleshooting article earlier, there are a number of things that need to be configured correctly for everything to end up working as planned. This article takes a look at these requirements from the perspective of Enhanced Interior Gateway Routing Protocol (EIGRP) and shows the different commands that can be used to ensure proper EIGRP neighborship configuration and communications between devices.

EIGRP Neighborship Requirements

From the perspective of EIGRP, there are a couple of things that must match for a EIGRP neighborship to establish; keep in mind that these are different from other routing protocols (like OSPF ), these include:

1. The devices must be in the same autonomous system (AS)
2. The devices must have the same authentication configuration
3. The devices must have the same k-values

EIGRP Neighborship Configuration Verification and Troubleshooting

Starting from the top of the list, the interfaces connecting devices must be on the same autonomous system. To display the various commands and what to look for, Figure 1 shows a simple lab has been setup with two devices that are connected together via an Ethernet connection.

Figure 1 - Simple Lab

The first thing that is going to be checked by the EIGRP device is whether the remote device is in the same autonomous system. No other processing will occur on the device until both devices have been configured with the same area. The troubleshooting for this type of problem requires someone with access to the remote device; this is because there is nodebug command that can be used that will show an obvious AS mismatch. The only way to confirm that this is the problem is to verify the configuration of the devices and verify the AS is the same on each. Figure 2 and 3 below show the EIGRP configuration on both R1 and R2; R2 has been configured with the incorrect AS (AS 1).

Figure 2 - Mismatched Autonomous Systems (R1)

Figure 3 - Mismatched Autonomous Systems (R2)

The second entry on the list was that each device must have matching authentication configuration; before any other information is exchanged between the devices they must agree on an authentication type (if any is configured). EIGRP has a number of different errors messages that are given depending on the specific authentication based failure. The message that is shown in Figure 4 is given when a local device that is not configured with EIGRP authentication is attempting to communicate with a remote device that has an existing authentication configuration.

Figure 4 - Local Missing Authentication Configuration (Complete)

The message that is shown in Figure 5 is given when the local device has been partially configured with EIGRP authentication.  In this example, EIGRP authentication has been configured on the connecting interface but the key chain has not yet been configured (no live authentication keys).

Figure 5 - Local Missing Authentication Configuration (No key chain configured)

For the next couple of authentication examples, the local device has already been configured correctly for EIGRP authentication but the remote device has not. The message that is shown in Figure 6 is given when a remote device has not been configured with any authentication configuration.

Figure 6 - Remote Missing Authentication Configuration (Complete)

The message shown in Figure 7 is given when the remote device has EIGRP authentication configured but does not have a configuration that matched with the local configuration (commonly this is a key string mismatch).

Figure 7 - Remote Authentication Configuration Mismatch

The final entry on the list was that the k-values must match between the communicating devices. Typically, the default values are not changed but if they are, each of the neighboring devices must share the same values. The message that is shown in Figure 8 is given if a mismatch is detected between EIGRP devices; no debug command is required for this message to be displayed.

Figure 8 - k-value Mismatch

Summary

A neighborship is the first thing that must be established before any communication will happen between devices. Each of the different routing protocols has their own requirements that must be met before this neighborship will establish. This article takes a look at the elements that must match for EIGRP neighborships to establish and what commands to use to troubleshoot which misconfiguration potentially exists. Hopefully, the information in this article, when committed to memory, will help in future EIGRP configuration endeavors.

---http://www.petri.co.il/eigrp-neighborship-troubleshooting.htm

More Related Cisco Networking Tips:

cisco 1900 licenses

1900 cisco licenses

cisco 1900 router licenses

cisco router 1900 licenses