RSSAll Entries in the "Cisco-remote-access" Category

Cisco: Using system banners announcements

Cisco: Using system banners announcements

Configuring banners on Cisco devices is very easy and it is a study material for CCNA. Even so, I found that not everybody is aware of the importance of the banners or know how banners can be used properly.

There are quite a lot of system banners that can be configured on a Cisco device, but today I will explain only the most used, or let’s say the most that I use, since this is a subjective choice. You will find below the banners name and a short explanation:

  • banner motd - add a message-of-the-day (MOTD) banner; usually not so important, but in case of urgent maintenance work can be useful; when someone connects to the router, the MOTD banner appears before the login prompt
  • banner exec – display a banner on terminals with an interactive EXEC; after the user successfully logs in to the router, the EXEC banner or incoming banner will be displayed
  • banner loginwhen someone connects to the router, the MOTD banner (if configured) appears first, followed by the login banner and prompts; e.g. it can be useful to display a warning in case that you are not authorized to access the machine
  • banner prompt-timeout – it display a message when the user is delaying a login above the definite period of time

If I forgot some very important banner or one that you find extremely useful please remind me to add it here or in another post. Please see below how to configure the system banners that I just described:

Digg This
Reddit This
Stumble Now!
Buzz This
Share on Facebook
Bookmark this on Delicious
Share on LinkedIn
Bookmark this on Technorati
Post on Twitter
Google Buzz (aka. Google Reader)

Popularity: 8% [?]

Calin | Dec 11, 2008 | Comments 5
Read More
Cisco: SSH enable | disable | reconfigure tutorial

Cisco: SSH enable | disable | reconfigure tutorial

One of the most used method for remote access today is SSH protocol. Even most on the network engineer say what is so complicated in the process of the enable , disable , reconfigure of the SSH process, my experience proved me that it can be really complicated, if you mess up stuff there.

One of the situation that I see very often, is that after a network engineer (administrator, beginner…) reconfigure SSH or hostname / domain-name on the Cisco routers is that they tell that is not working anymore with some errors like “key missing” or “key not matching” or more errors relating to the RSA keys. And in almost 90% from the cases was due to wrong order of operation during the SSH reconfigure.

Let’s say that we have a functional SSH access, and then we have to change the hostname and domain-name of the Cisco machine. As you know, SSH relay on RSA keys for connectivity, which relay on hostname and domain-name of the machine when the keys are creating. Most common error is that the network person change the hostname, domain-name, then delete the keys and reconfigure a new one…this is the happy case and for some routers and IOS platform is working. But, there is the worst one, when the person in charge change the domain-name and the hostname and then, he/she expect ssh to work like before. But it does not!

Please check the tutorial below for the correct order of operation in enabling, disabling or reconfiguring the SSH protocol on a Cisco device. For this tutorial I will use 2 point-to-point connected routers R0 and R1. I will enable SSH on R1 and then connect to it from R0.

SSH

Digg This
Reddit This
Stumble Now!
Buzz This
Share on Facebook
Bookmark this on Delicious
Share on LinkedIn
Bookmark this on Technorati
Post on Twitter
Google Buzz (aka. Google Reader)

Popularity: 16% [?]

Calin | Nov 25, 2008 | Comments 4
Read More