Line Configuration

From Braindisconnect
Jump to navigationJump to search


Cisco

These configurations are best practice for security reasons.

Local User and Enable Password

username <username> secret <password>
enable secret <password>

The enable secret is the best practice way of configuring the enable password.

VTY Lines

  • Make sure Secure Shell has been configured.
  • Make sure AAA has been configured.
line vty 0 4
 exec-timeout 30 0
 logging synchronous 
 login authentication vtymethod
 transport input ssh
line vty 5 15
 exec-timeout 30 0
 logging synchronous 
 login authentication vtymethod
 transport input ssh
  • The VTY number is essentially the number of connections that can occur, 0 4 is 5 connections.
  • logging synchronous will keep log messages from interrupting your typing.
  • login authentication vtymethod tells the router to use the vtymethod in the AAA settings for authentication.
  • transport input ssh will set the router to only accept secure shell connections.

Console and Auxiliary Lines

Disabling the AUX Port

Unless you are using the AUX line for an AUX2CON connection, then it is highly recommended that the AUX port be disabled. 

line aux 0
 transport input none
 transport output none
 no exec
 exec-timeout 0 1
 no password
Configuring the CON port
line con 0
 exec-timeout 30 0
 login authentication vtymethod
Retrieved from "https://www.braindisconnect.com/wiki/index.php?title=Line_Configuration&oldid=7"