Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

642-811 Question...

Status
Not open for further replies.
apasuper8

apasuper8

Technical User
Dec 17, 2003
5
0
0
US
In some study materials I found this question which had no answer to it.

A company has just purchased a new Catalyst 2950 layer switch for their parts department. The switch needs to have the passwords to secure access to the device's privileged EXEC mode, the five VTY sessions and to the console. All passwords will need to be encrypted so that they are unable to be read when viewing the configuration. The switch also requires that only the management VLAN (VLAN1) have access to the switch via Telnet. The management VLAN1 has already been configured.

Management VLAN IP address: 192.168.54.12/24
The passwords to be set are listed below.

Console: cisco
Privilege EXEC: cisco33
VTY sessions: cisco66

Can some one shed some light on this for me. Thanks!

 
Sort by date Sort by votes
You can use encryption when defining your passwords (you can choose from clear text, type 7 (less secure and crackable with tools like getpass from boson.com), or type 5 (MD5 hashing), which makes the password completely readable (however, anyone who has physical access to the device in question can get around such measures by simply
breaking in during the system boot sequence).

to set a password on vty's, you usually go into privledged mode (# prompt) and conf t; line vty 0 4; password (type) <password>; exit;

remember to save your configuration after you are sure it is working 100%, also, always have a hard copy and stored copy of your existing configuration before MAKING any changes (so you can go back if something doesn't work).
 
Upvote 0 Downvote
Thanks for the insite on the passwords but what about this part?

&quot;The switch also requires that only the management VLAN (VLAN1) have access to the switch via Telnet.&quot;

Thanks!

 
Upvote 0 Downvote
You can also an access-group to the VTY interface by creating an ACL containing whatever IP blocks need access. See below:

line vty 0 4
access-class 92 in (access list 92 will be applied inbound)
exec-timeout 30 0
password 7 <SNIP>
history size 50
full-help
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

doktor
  • Locked
  • Question
&quot;642-437 - Implementing Cisco Unified Communications Voice over IP and QoS v8.0 (CVOICE v8.0)&q
Replies
1
Views
72
gnrslash4life
gnrslash4life
djtech2k
  • Locked
  • Question
Study Questions for Comptia A+
Replies
0
Views
63
djtech2k
djtech2k
doktor
  • Locked
  • Question
642-437 - Implementing Cisco Unified Communications Voice over IP and QoS v8.0 (CVOICE v8.0) - ??
Replies
4
Views
88
pcasi
pcasi
doktor
  • Locked
  • Question
642-437 - Implementing Cisco Unified Communications Voice over IP and QoS v8.0 (CVOICE v8.0)
Replies
6
Views
103
Deweyhumbolt
Deweyhumbolt
bnorton916
  • Locked
  • Question
Frame Relay Question
Replies
5
Views
52
burtsbees
burtsbees

Part and Inventory Search

Sponsor

Back
Top