Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#enable secret cisco
R1(config)#line console 0
R1(config-line)#exec-timeout 30 30
R1(config)#line vty 0 4
R1(config)#line aux 0
R1(config-line)#exec-timeout 15 30
R1(config)#banner motd +
Enter TEXT message. End with the character ‘+’.
WARNING!!! UNAUTHORIZED USERS ARE PROHIBITED TO ACCESS THIS DEVICE!
To enter the privilege exec mode, use the enable command. In this mode, you can change some of the router settings like time, save/delete the configuration, reload the router etc.; and use the show commands to display the status of specific configuration and interfaces configuration etc. You can also tell if you are in the privilege exec mode by looking at the # symbol after the name. The exec mode has the > symbol.
To configure the router, you have to use the global configuration mode by using the configure terminal command. Here you can add and remove the configuration. Pretty much changing the router itself for your liking.
The command hostname R1 changes the name of the router from Router to R1.
The command enable secret cisco, added the security to the privilege exec mode. This command will help prevent unauthorized users to enter the privilege exec mode to execute and change the router’s configuration. The enable password can also be used; however, it shows the password in the running-config in clear text. The enable secret value is hashed with MD5, which is a one way hash algorithm . Therefore, it doesn’t display the secret in clear text. If the enable password and enable secret are both in used, the router will only use the enable secret because the router knows that it is more secure than enable password. In addition, the router will not accept the same password and secret value.
To configure the console port on the back of the router, you have to enter the console configuration mode by using line console 0 command. To add security to the console port, I added a password which is cisco by using the password cisco. Also, the command login will promtp every user to enter a password at the login prompt. The exec-timeout 30 30 will exit the user out of the router for specific period of time. In this case, it is 30 minutes and 30 seconds. The the value is 0 0, this will turn off the timeout, you can also turn off the timeout by using the no exec-timeout.
The line vty 0 4 command enters you into vty mode, which is mode for remote connection to the router. The line aux 0 is the same thing as the other line mode, but this one is related to modem connection. The configuration on these modes are kind of like similar to the line console.
The service password-encryption command deals with none hashed password like on line mode, and enable password and such. The password encryption strength is very weak and can easily cracked, but it is better than showing the password in clear text. The encryption algorithm is Cisco proprietary.
The service tcp-keepalives-in and service tcp-keepalives-out commands will help to terminate the hung tcp connection. For example, when a PC-A in R1’s LAN has a telnet connection to PC-B in R2’s LAN, and R1 has been restarted, the PC-B in R2’s LAN would not know that that PC-A is alive, so PC-B will keep the hung tcp connection . These commands will terminate the tcp connection once the router stopped receiving keepalives or response from the other router.
The banner motd command created a banner for those who are trying to log into the router. The motd stands for Message Of The Day. This motd appears every time a user tries to log onto to router. The banner has more parameters can be used like exec, login etc. The + symbol is a delimiter. It means that all the characters, including spaces and other symbols, in between the two delimiter will be displayed. Make sure that don’t use the delimiter part of your motd because it will cut your message off. For example, banner motd n My name is R1 n. The router will only show My instead of My name is R1 because the delimiter is letter n and there is a letter n after the word My, so that router accepted the second n to end the message.