Configure Cisco Router Passwords – GNS3 Lab
In this tutorial we will use GNS3 to do a very basic task to secure your routers – apply a password so that users will be asked for this password when try to enter the privileged mode. For example:
Router>enable
Password: ******* (enter that password here)
Router# (this is the privileged mode)
Now let’s start!
First launch the GNS3, for this tutorial I use the IOS c2600-bin-mz.123-6f.bin but this is a very fundamental lab so you can use any IOS you have.
1. Drag the Router c2600 the place it onto the right-side box,
2. Click the Start button (the green triangle button)
3. Click the Telnet to all IOS button (the black button) to open the Telnet command line interface (CLI).
The CLI window will appear, asking “Would you like to enter the initial configuration dialog? [yes/no]:”. Type n here as we want to configure this router manually.
Wait for a few seconds and now the router will be ready for the configuration.
Router>enable
Router#configure terminal (or type conf t as a shortcut)
Router(config)#enable password digitaltut
Router(config)#exit (or press Ctrl-Z)
Router#exit (to exit privileged mode)
We logged out the router, notice that you will see two lines “Router con0 is now available” and “Press RETURN to get started.” Press Enter to enter the user mode (a line Router> will appear)
Now we can test if the password is working. Log in the privileged mode with the enable command
Router>enable
Now we can see the router is asking for a password. Type “digitaltut” as its password here and we can log in to the privileged mode
Notice that we with the “enable password” command, the router will save our password in plain text. It means if someone types show running-config on our router, they can see our password.
Router#show running-config (or show run)
This is a thing we don’t want as our router is not secured completely. In fact, most of the administrators use the “enable secret” command nowadays. To do it, in the privileged mode type the following commands:
Router#config terminal
Router(config)#enable secret digitaltutSecret (notice the letter “S” is capital)
Router(config)#exit
Router#exit
Now try to log in the privileged mode again (type enable in the user mode). First, try the password digitaltut again; the router will not accept this password anymore. Now type digitaltutSecret and we can login! (make sure you capitalize the letter S).
So notice that if you configure the enable secret command, it takes precedence over the enable password command. The two commands cannot be in effect simultaneously.
The enable secret command will encrypt the password so no one can see the password with the show running-config command. We can check it.
Router#show running-config
We can also set the password for console and vty (telnet) login with these commands:
Set console password:
Router#config terminal
Router(config)#line console 0
Router(config-line)#password cisco
Router(config-line)#login
Router(config-line)#exit
Set vty (virtual terminal lines) password:
Router#config terminal
Router(config)#line vty 0 4
Router(config-line)#password cisco
Router(config-line)#login
Router(config-line)#exit
By default, a Cisco router supports 5 simultaneous telnet sessions. By using the command line vty 0 4, the configuration below will be applied to all 5 sessions (line 0 to line 4).
Notice these passwords are not encrypted and we can see them with the “show running-config” command. We can encrypt all the passwords with the service password-encryption command in global configuration mode
Router(config)# service password-encryption
Another notice is that we can’t login to a Cisco router via telnet if we don’t set a vty line password for it.
Hi there, thanks for all the efforts. 9tut rocks. May god bless you for helping others.
Hi, Everything is available on internet but not solved Lab. Thanks for the same.
Very rich tutorial, keep it up. Thanks
to all,
where can i get IOS for GNS3 Lab. thanks in advance and my email: mhikee@hotmail.it
please i install GNS3 i am allways getting 209 error masseges for ios. is there any where to download from this file or solution
many thanks
kindly send me ccna dumbs latest and gns3 software my id is kenbraebi@yahoo.com
great work. very appreciable!!!!!!!!!!!!!
i m experience a 203 error on gns …while loading a gns3 downloaded lab from 9tut ..is anyone knows about this 203 ?
Plz send me the latest dumbs for ccna 640-802
really helpfull for me.i am a new to network side
i have a problem with my telnet local host in GNS3. when i am trying to configure my router using the telnet locahost, it doesn’t work.
can some one have an idea about that?
thanks guys..big help
Hi there, plz help i need ios for gns3 use. Plz help , my email:nissy357@yahoo.com
guys’ go to (Networkguides.net/ios
i love this. thanks a lot guys.
please can i have latest CCNA DUMP?
mail to : aniszafree@gmail.com
Can I have the latest dumps?
Thanks
mail to: jo123@live.ca
please send me latest dumps sadiahassan60@yahoo.com
Can I have the latest dumps?
Thanks
mail to: ijecov@gmail.com
For anyone who needs help with cisco images.
http://www.careercert.info/2009/05/new-cisco-ios-version-124-collection.html
plus if you need other things like Junos olive images check out frostwire or similar torrents. Peace 9tut!
WillKoolz
Forgot to help people with VMware labs…use this
http://rednectar.net/gns3-workbench/
Much better for GNS3.
Willkoolz
verry good
i have experiencing trouble to enter in config terminal even after typing right password in GNS 3 software i have already ready file with 3 router with setting up the password & save the running file into startup-config,But when i close the file which i configure router with ip address n password sat.when again open the same file the router does not take my setting password even after typing correctly dont understand why it happens can anyone help me out in this ?
Hello plz i need help!!!!
I m working on SDM in gn3 and i set loopback adapter fine, now my router can communicate with the loopback adapter 192.168.137.1 and from both sides the ping reply is successful. now when i lauched sdm from my laptop to connect to gns router then it launches in firefox and asking for user name and password, when i enter user name and password then its not accepting.
i created the user in router with the following command
username ali privilege 15 password 0 cisco
also i configured the router with the following commands
ip http server
ip http authentication local
ip http secure-server
everything is fine as the book says but i do not know why the user can not be verfied from the local database . plz helpppp
thanks a lot, kiss
9Tut is great! Thanks for sharing. Another great site is routergod.com He’s got some funny stuff on there.
die Auswahl bei Ihnen kompliziert
countryma bb4arg48
Sarsparilla snack foods impotency not to mention works as a maintain detoxifier. Les bijoux Pandora Vente http://www.lamariposapolo.com.ar/england/pandorabead.php
In modo efficace?
smokeyma bb4arg48
Bravo, what words…, a brilliant idea
cleanerma bb4arg48
Its very very useful information for beginners, thank u so much
Hi,
Can anyone tell me, how can i configure my cisco router, so that when trying to give show running config, it will ask for password…
is there any way to do this??
I badly need this
Arvind Tiwary
I would like to get a latest dumps
Pls mail it :mohamedhashik.kp@gmail.com