Scenario Solutions

1. Line 4 in Example 3-46 has disabled the debug output from being visible. To enable debug messages to be sent to the console port, the command logging console debugging must be configured in global configuration mode. Alternatively, telneting to the router and enabling the terminal monitor command via the vty line enables the network administrator to view the debug output. (You must also ensure that the command logging monitor debugging is configured for Telnet users.)

2. Line 17 displays the alias, ethl, which is the command show interface ethernet0/1.

3. Line 16 defines an alias, eth0, which will be used as a shortcut to the show interface ethernet0/0 command. This IOS command displays the statistics of interface Ethernet0/0.

4. Line 6 (enable password ciscO) defines the enable password as ciscO. However, because a secret password exists on line 5, that is the password required to enter enabled mode, and because the secret password is encrypted, you cannot decipher the password.

5. Access list 100 defines an access-list with the source address 131.108.2.100 to the destination IP address 131.108.1.1. You can apply the command debug ip packet 100 with the optional keyword detail to view IP packets sent from the server to the IP address 131.108.1.1.

6. The Telnet user must be in privileged EXEC mode and must enable the terminal monitor command to ensure that debug output is sent to the vty line. Use the command logging monitor debugging to enable Telnet users to access console messages. See Example 3-47 for IOS help commands.

Example 3-47 logging ? Output

Randy1(config)#logging ?

Hostname or A.B.C.D IP address of the logging host buffered

Set buffered logging parameters

Set CNS Event logging level

Set console logging level

Limit size of exception flush output

Facility parameter for syslog messages

Configure syslog history table

Set terminal line (monitor) logging level

Enable logging to all supported destinations

Set messages per second limit

Specify interface for source address in logging transactions

Set syslog server logging level cns-events console exception facility history monitor on rate-limit source-interface trap

7. The configuration in Example 3-46 does not include a configuration register, so the default register (0x2102) can be assumed as the correct setting. To correctly identify the configuration register, the show version (or show hardware) command is required.

8. Line 24 configures the router for no vty login, so there is no password; any Telnet users will be directed to the router at the EXEC prompt level.

9. Access list 1 is not defined on any interface and can be used when debug ip packet is turned on. Because it is a standard access list, it can be used to debug packets sourced from IP addresses 131.108.0.0 to 131.108.255.255.

10. The global IOS command service password-encryption encrypts all passwords, including the enable and vty password, if any.

0 0

Post a comment