Securing Console Access

Unauthorized users can access the console administrative interface by attaching a terminal (for instance, a laptop) directly to a router. Physical security has to be put in place for the router to prevent unauthorized users from gaining access to routers and the console interface. You also have to configure the router to require a password when users try to access it via the console port. The router or switch can authenticate users locally or via a remote security database, such as Cisco Secure Access Control Server (CSACS).

The console password can have from 1 to 25 uppercase and lowercase alphanumeric characters. Example 5-1 shows the configuration of a console password for a router.

0 0

Post a comment