1. Line 4 in Example 3-46 has disabled the debug output from being visible. To enable debug messages to be sent to the console port, the command logging console debugging must be configured in global configuration mode. Alternatively, telneting to the router and enabling the terminal monitor command via the vty line enables the network administrator to view the debug output. (You must also ensure that the command logging monitor debugging is configured for Telnet users.)
2. Line 17 displays the alias, ethl, which is the command show interface ethernet0/1.
3. Line 16 defines an alias, eth0, which will be used as a shortcut to the show interface ethernet0/0 command. This IOS command displays the statistics of interface Ethernet0/0.
4. Line 6 (enable password ciscO) defines the enable password as ciscO. However, because a secret password exists on line 5, that is the password required to enter enabled mode, and because the secret password is encrypted, you cannot decipher the password.
5. Access list 100 defines an access-list with the source address 18.104.22.168 to the destination IP address 22.214.171.124. You can apply the command debug ip packet 100 with the optional keyword detail to view IP packets sent from the server to the IP address 126.96.36.199.
6. The Telnet user must be in privileged EXEC mode and must enable the terminal monitor command to ensure that debug output is sent to the vty line. Use the command logging monitor debugging to enable Telnet users to access console messages. See Example 3-47 for IOS help commands.
Example 3-47 logging ? Output
Hostname or A.B.C.D IP address of the logging host buffered
Set buffered logging parameters
Set CNS Event logging level
Set console logging level
Limit size of exception flush output
Facility parameter for syslog messages
Configure syslog history table
Set terminal line (monitor) logging level
Enable logging to all supported destinations
Set messages per second limit
Specify interface for source address in logging transactions
Set syslog server logging level cns-events console exception facility history monitor on rate-limit source-interface trap
7. The configuration in Example 3-46 does not include a configuration register, so the default register (0x2102) can be assumed as the correct setting. To correctly identify the configuration register, the show version (or show hardware) command is required.
8. Line 24 configures the router for no vty login, so there is no password; any Telnet users will be directed to the router at the EXEC prompt level.
9. Access list 1 is not defined on any interface and can be used when debug ip packet is turned on. Because it is a standard access list, it can be used to debug packets sourced from IP addresses 188.8.131.52 to 184.108.40.206.
10. The global IOS command service password-encryption encrypts all passwords, including the enable and vty password, if any.
Was this article helpful?