Chapter 1 Cisco SDM Express

Supplementary Help

Enable Telnet Settings

Cisco SDM Express secures the console, AUX, vty, and tty lines by implementing the following configurations whenever possible:

Configures transport input and transport output commands to define which protocols can be used to connect to those lines.

Sets the exec-timeout value to 10 minutes on the console and AUX lines, causing an administrative user to be logged out from these lines after 10 minutes of no activity.

The configuration that will be delivered to the router to secure the console, AUX, vty, and tty lines is as follows:

!
line console 0
transport output telnet
exec-timeout 10
login local
!
line AUX 0
transport output telnet
exec-timeout 10
login local
!
line vty ….
transport input telnet
login local
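The following Python check is an added example, not Cisco or SDM Express code: it parses the `line` blocks of a saved running-config and reports any line that lacks the settings listed above. The sample config, the function names, and the vty range `0 4` are assumptions made for illustration.

```python
# Constructed sample in running-config layout (sub-commands indented by one space).
# It is not from the manual; the vty range "0 4" is an assumption.
SAMPLE_CONFIG = """\
line con 0
 transport output telnet
 exec-timeout 10 0
 login local
!
line aux 0
 transport output telnet
 exec-timeout 0 0
!
line vty 0 4
 login local
!
"""

def parse_line_blocks(config):
    """Map each 'line ...' header to the list of its sub-commands."""
    blocks, current = {}, None
    for raw in config.splitlines():
        text = raw.strip().lower()
        if text.startswith("line "):
            current = text
            blocks[current] = []
        elif not text or text == "!" or not raw[0].isspace():
            current = None  # blank line, '!' or a new top-level command ends the block
        elif current is not None:
            blocks[current].append(text)
    return blocks

def audit_lines(config, max_idle_minutes=10):
    """Return (line, problem) pairs for the settings the manual says are applied."""
    findings = []
    for header, cmds in parse_line_blocks(config).items():
        kind = header.split()[1]  # con/console, aux, vty or tty
        if "login local" not in cmds:
            findings.append((header, "login local missing"))
        # vty: inbound sessions; console/AUX (and, as an assumption here, tty): outbound
        direction = "input" if kind == "vty" else "output"
        if not any(c.startswith("transport " + direction) for c in cmds):
            findings.append((header, "transport " + direction + " missing"))
        if kind.startswith("con") or kind == "aux":
            # No exec-timeout line means the IOS default of 10 minutes is in effect.
            for c in (c for c in cmds if c.startswith("exec-timeout")):
                mins, secs = (c.split()[1:] + ["0"])[:2]
                idle = int(mins) * 60 + int(secs)
                if idle == 0 or idle > max_idle_minutes * 60:
                    findings.append((header, "idle timeout disabled or above limit"))
    return findings
```

Calling `audit_lines(SAMPLE_CONFIG)` flags the AUX line (no `login local`, idle timeout disabled) and the vty line (no `transport input`), while the console line passes.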

Enable SSH for Access to the Router

If the Cisco IOS release running on the router is a crypto image (an image that uses 56-bit Data Encryption Standard (DES) encryption and is subject to export restrictions), then Cisco SDM Express will implement the following configurations to secure Telnet access whenever possible:

Enable Secure Shell (SSH) for Telnet access. SSH makes Telnet access much more secure.

Set the SSH timeout value to 60 seconds, causing incomplete SSH connections to shut down after 60 seconds.

Set the maximum number of unsuccessful SSH login attempts to two before locking access to the router.

 


OL-7141-04
