วันก่อนได้ทำการ Config router กับ Mpls ของ CAT ซึ่งส่วนตัวผมไม่ได้มีประสบการณ์ด้าน Cisco มากนัก (นอกจาก GNS3 และ Cisco Packet Tracer) โดยการ Config นั้นไม่ได้มีอะไรมากเพียงแค่ใส่ IP Address ให้กับ interface และ Add route เท่านี้ก็ใช้งานได้แล้ว(ที่เหลือทาง CAT จัดการไปหมดแล้ว)
1841-hq#sh run
Building configuration...
Current configuration : 3203 bytes
!
! Last configuration change at 14:35:01 TH Mon Apr 25 2011
!
version 15.0
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname 1841-hq
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
!
no aaa new-model
clock timezone TH 7
ip source-route
!
!
!
!
ip cef
no ip domain lookup
ip domain name yourdomain.com
multilink bundle-name authenticated
!
!
username root privilege 15 password 0 cisco-admin
!
!
!
!
!
!
interface FastEthernet0/0
description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-FE 0$
ip address 172.24.80.241 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 172.201.51.95 255.255.255.252
duplex auto
speed auto
!
ip forward-protocol nd
!
!
ip http server
ip http access-class 23
ip http authentication local
ip http timeout-policy idle 60 life 86400 requests 10000
ip route 0.0.0.0 0.0.0.0 172.24.80.241
ip route 172.24.80.0 255.255.255.0 172.201.51.95
ip route 172.146.41.0 255.255.255.252 172.201.51.95
!
access-list 23 permit 10.10.10.0 0.0.0.7
!
snmp-server community public RO
!
control-plane
!
banner exec ^C
% Password expiration warning.
-----------------------------------------------------------------------
Cisco Configuration Professional (Cisco CP) is installed on this device
and it provides the default username "cisco" for one-time use. If you have
already used the username "cisco" to login to the router and your IOS image
supports the "one-time" user option, then this username has already expired.
You will not be able to login to the router with this username after you exit
this session.
It is strongly suggested that you create a new username with a privilege level
of 15 using the following command.
username <myuser> privilege 15 secret 0 <mypassword>
Replace <myuser> and <mypassword> with the username and password you want to
use.
-----------------------------------------------------------------------
^C
banner login ^C
-----------------------------------------------------------------------
Cisco Configuration Professional (Cisco CP) is installed on this device.
This feature requires the one-time use of the username "cisco" with the
password "cisco". These default credentials have a privilege level of 15.
YOU MUST USE CISCO CP or the CISCO IOS CLI TO CHANGE THESE PUBLICLY-KNOWN
CREDENTIALS
Here are the Cisco IOS commands.
username <myuser> privilege 15 secret 0 <mypassword>
no username cisco
Replace <myuser> and <mypassword> with the username and password you want
to use.
IF YOU DO NOT CHANGE THE PUBLICLY-KNOWN CREDENTIALS, YOU WILL NOT BE ABLE
TO LOG INTO THE DEVICE AGAIN AFTER YOU HAVE LOGGED OFF.
For more information about Cisco CP please follow the instructions in the
QUICK START GUIDE for your router or go to http://www.cisco.com/go/ciscocp
-----------------------------------------------------------------------
^C
!
line con 0
login local
line aux 0
line vty 0 4
privilege level 15
password cisco-admin
login
transport input telnet
line vty 5 15
access-class 23 in
privilege level 15
login local
transport input telnet
!
scheduler allocate 20000 1000
end
ผมยังไม่ได้จัดการเรื่องความปลอดภัย เกี่ยวกับ Router Security Configuration นะครับ
- Blogger Comment
Subscribe to:
Post Comments
(
Atom
)
0 comments:
Post a Comment