Example Configuration Process

Example 7-1 illustrates how the console password is defined; gives host name, prompt, and interface descriptions; and shows the finished configuration. The lines beginning with ! are comment lines that highlight significant processes or command lines within the example. The show running-config command output also includes comment lines with just a ! to make the output more readable—many comment lines in the examples in this book were added to explain the meaning of the configuration. You should remember the process as well as these particular commands for the INTRO exam.

Example 7-1 Configuration Process Example User Access Verification




Router #configure terminal Router(config)#enable password lu Router(config)#line console 0 Router(config-line)#login Router(config-line)#password cisco Router(config-line)#hostname Critter Critter(config)#prompt Emma Emma(config)#interface serial 1

Emma(config-if)#description this is the link to Albuquerque




Emma#show running-config continues

Example 7-1 Configuration Process Example (Continued) Building configuration...

Current configuration: !

version 12.2 934 bytes

! Version of IOS on router, automatic command service timestamps debug uptime service timestamps log uptime no service password-encryption !

hostname Critter prompt Emma !

enable password lu !

ip subnet-zero no ip domain-lookup !

interface Serial0 !

interface Serial1 description this is the link to Albuquerque

interface Ethernet0 !

ip classless no ip http server line con 0 password cisco login

line aux 0

The preceding example illustrates the differences between user and privileged modes and configuration mode. The configure terminal command is used to move from priviledged mode into configuration mode. The command prompt changes when moving into configuration mode, and it also changes based on what you are doing in configuration mode. Plus, typing a ? in configuration mode gives you help just on configuration commands.

When you change from one configuration mode to another, the prompt changes. Example 7-2 repeats the same example as in Example 7-1, but with annotations for what is happening.

Example 7-2 Configuration Process with Annotations User Access Verification

Password: Router>enable

!In user mode, then you type the enable command Password:

Router #configure terminal

!In privileged mode, using the configure terminal command to enter global Router(config)#enable password lu

!The enable password command is a global command so the prompt stays as a global !command prompt

Router(config)#line console 0

! line console changes the context to console line configuration mode Router(config-line)#login

! login is a console subcommand, so the prompt remains the same Router(config-line)#password cisco ! password is also a console sub-command Router(config-line)#hostname Critter

!hostname is a global command, so it is used, and the mode changes back to global config mode Critter(config)#prompt Emma

!prompt is a global command, so the prompt stays as a global command mode prompt Emma(config)#interface serial 1

! interface changes contexts to interface subcommand mode Emma(config-if)#description link to Albuquerque

!description is a sub-command in interface config mode, so prompt stays the same


!exit backs up one mode towards global


!exit in global mode exits back to privileged mode

IOS also can change the contents of a configuration command that you type. For instance, if you type a command and set only default values, IOS typically does not add the command to the configuration file because it is not needed. Also, some commands include passwords that the router encrypts for display purposes, so the show running-config command lists only the encrypted form of the password. Example 11-3 shows a couple of examples of commands that show up differently in the show running-config output, as compared to the command typed in configuration mode.

Example 7-3 Example Config Commands That IOS Changes Emma#configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

Emma(config)#enable secret cisco

Emma(config)#banner motd # This is banner line 1

Enter TEXT message. End with the character '#'.

This is line 2

This is line 3, with an ending delimiter #

Emma(config)#"Z Emma#show running-config

! Lines ommitted to save space !

enable secret 5 $1$TRhO$BtwiiisUCcGYiM/oMjH6k0

! Lines ommitted to save space banner motd "C This is banner line 1 This is line 2

This is line 3, with an ending delimiter "C

When moving from user mode to enable mode, you must type the enable command and supply a password. If the enable password command has been used to configure the password, you should type that password. If the enable secret command has been used, as in Example 7-3, you should use the enable secret password. If both are configured, you use the enable secret password.

IOS automatically encrypts the enable secret password, as seen in the output of the show running-config command in Example 7-3. The password set with the enable password command can be encrypted, but someone wrote a program to decrypt the password back to the original clear-text password. Technically, the algorithm used to change the enable secret password performs a one-way hash instead of simple encryption, which means that the password cannot be decrypted.

The banner motd command is the other command that IOS changes in Example 7-3. The banner motd (motd stands for "message of the day") command causes a text banner to display when someone accesses the router from the console, Telnet, or an auxiliary port. The banner can span many lines; to know when you stop typing the banner text, the command uses a delimeter character. In the example, the # character was used as a delimeter. At the end of the line, the Return key was pressed. Then the router added the line that says to keep typing the banner and end it with a #. Two more banner lines were added, with the last line ending in the delimiter character, telling the router that the banner command was finished.

The show running-config output confirms that a three-line banner was added to the configuration, but note that the delimeter has been set to AC. AC represents Control+c, which is an ASCII code that cannot be displayed. The router automatically changes the banner command to use AC as the delimiter.

Was this article helpful?

0 0

Post a comment