Cisco Systems 1604 manual Verifying Local AAA Security Configuration

Page 6

Chapter 3 Configuring the Cisco 1604 Router

Verifying Local AAA Security Configuration

To configure local AAA security on the Cisco 1604, enter the following commands beginning in global configuration mode:

Step 1 Create a local username for yourself. Make sure to change “joe-admin” to your own username and “joe-password” to your own password. This step prevents you from getting locked out of the router when you enable AAA.

robo-austin(config)#username joe-admin password joe-password

Step 2 Enable AAA access control. This step immediately enables login and PPP authentication.

robo-austin(config)# aaa new-model

Step 3 Configure AAA to perform login authentication by using the local username database. The login keyword indicates authentication of EXEC (shell) users.

robo-austin(config)#aaa authentication login default local

Step 4 Configure PPP authentication to use the local database if the session was not already authenticated by

login.

robo-austin(config)#aaa authentication ppp default local

Note After you finish setting up basic security, you can enhance the security solution by extending it to an external TACACS+ or RADIUS server. However, this case study describes only local AAA security.

Verifying Local AAA Security Configuration

To verify the local AAA security configuration on the Cisco 1604:

Step 1 Log in with your username:password.

Step 2 Enter the login command at the EXEC (shell) prompt. Do not disconnect your EXEC session until you can log in successfully. (If you get locked out, recover your password by rebooting the router.)

robo-austin# login

User Access Verification

Username: joe-admin

Password:

robo-austin#

Cisco IOS Dial Services Quick Configuration Guide

3-6

Page 5 Page 7
Image 6
Page 5 Page 7
Contents Configuring the Cisco 1604 Router Network Topology, Hardware, and Software SelectionsIOS tm 1600 Software C1600-SY-L, Version Verifying Your Start Up ConfigurationOverview of Steps System image file is flashc1600-sy-l.120-x2048K bytes of Dram onboard 16384K bytes of Dram on Simm Configuring the Host Name, Password, and Time StampsEthernet/IEEE 802.3 interfaces Isdn Basic Rate interfaces 12288K bytes of processor board Pcmcia flash Read onlyRouterconfig# hostname robo-austin Enter global configuration modeRouter# configure terminal Hq-sanjoseconfig#service password-encryptionConfiguring Local AAA Security Robo-austin#show privilegeRobo-austinconfig#aaa authentication login default local Verifying Local AAA Security ConfigurationRobo-austinconfig#username joe-admin password joe-password Robo-austinconfig#aaa authentication ppp default localConfiguring the Ethernet Interface Robo-austinconfig-if#ip address 10.1.4.1Ethernet0 10.1.4.1 YES manual Verifying the Ethernet Interface ConfigurationStatus Down\WINDOWS ping Lost carrier, 0 no carrierRobo-austinconfig-if#ip address 10.1.254.4 Configuring Basic Rate InterfaceEnable PPP Robo-austinconfig-if#ppp authentication chap pap callinVerifying BRI Configuration Configuring Dial-on-Demand Routing Disable fair queuingRobo-austinconfig-if#dialer load-threshold 60 either Robo-austinconfig#dialer-list 2 protocol ip permit Verifying DDR ConfigurationEnsure that all unknown subnets use the default route Robo-austinconfig#username hq-sanjose password austin-pw14085551234 Never Dial StringLast called = IsdnTesting the Cisco 1604 Connection to the Cisco AS5300 Debug dialer Undebug allTerminal monitor Debug isdn q931Verify that the correct dialer map exists See Isdn Setup is transmittedSee Authentication phase is initiated by robo-austin Robo-austin#show dialer map080355 BR01 LCP O Confreq Closed id 42 len See Ipcp negotiation beginsSee 080357 Connection is made to hq-sanjose 080355 BR01 LCP I Confreq REQsent id 7 len080355 BR01 LCP O Confack REQsent id 7 len 080355 BR01 LCP I Confack ACKsent id 42 lenShow dialer IsdnShow ppp multilink Interface IP-Address OK? Method Status Protocol Saving the Configuration Robo-austin#copy running-config startup-config

1604 specifications

Cisco Systems 1604 is a multifaceted router that exemplifies the evolution of networking technology. Introduced in the 1990s, it was designed primarily for interconnecting local area networks (LANs) and wide area networks (WANs). As one of the early routers in the Cisco family, the 1604 laid the groundwork for numerous advancements in the networking space.

One of the standout features of the Cisco 1604 is its modular design. This architecture allows users to customize the router according to their specific needs by adding various modules and interface cards. This adaptability made it popular among organizations that required flexible networking solutions. The router supports multiple types of interfaces including Ethernet, Token Ring, and serial connections, accommodating a variety of networking environments.

In terms of performance, the Cisco 1604 offers impressive capabilities for its time. It supports both routing and bridging functions, enabling it to seamlessly integrate different types of networks. The router can handle up to 4Mbps of bandwidth, sufficient for small to medium-sized network environments. Its built-in memory capacity allows for efficient processing, providing a reliable platform for data communications.

The Cisco 1604 is built on Cisco's proprietary IOS (Internetwork Operating System), which is a critical component of its operation. IOS provides a robust command-line interface for configuration and management, facilitating advanced networking tasks such as routing protocols, security features, and network diagnostics. The support for multiple routing protocols, including RIP, OSPF, and EIGRP, enhances its functionality and compatibility with diverse network architectures.

Security features in the Cisco 1604 are notable, providing essential tools to safeguard data transmitted across networks. It supports various access control lists (ACLs) that enable administrators to regulate network traffic and restrict unauthorized access.

Moreover, the Cisco 1604 was designed with reliability in mind. It includes features like automatic keep-alives for connection monitoring and error-correction protocols to ensure consistent performance.

In conclusion, the Cisco Systems 1604 router represents a significant milestone in networking technology. Its modular design, high performance, advanced IOS capabilities, and robust security measures make it a noteworthy solution for businesses looking to build effective networking infrastructures. While newer models have surpassed its capabilities, the legacy of the Cisco 1604 continues to influence modern networking practices and designs.
Top Page Image Contents