securing administrative access to a cisco router securing cisco routers pearson it certification OSPF, Securing Admin Access
Figure 3.2 Displaying the enable secret password command output in a show running-config command. Securing Console Access Using a Console Password A Cisco router's console port is the most important port on the device. Password recovery on the router can only be done using the console port. This port can be used to access the ROMMON mode on the router as well. The console port allows a hard break signal that interrupts the boot sequence of the router. You can issue the break sequence on a router within 60 seconds of the reboot, and it gives complete access to the user issuing this command. Cisco routers are vulnerable if you have physical access to the devices. However, if someone is trying to access the console port of the router remotely, you can apply an additional layer of security by prompting the user fora password. Here is how you protect the console port on the router: Router> enable Router# configure terminal Router(config)# line console 0 Router(config-line)# password Ciscorocks123 Router(config-line)# login Router(config-line)# end Router# Figure 3.3 shows how to configure password protection on the console port of a router.