Time
30 hours 46 minutes
Difficulty
Intermediate
CEU/CPE
20

Video Description

Cisco IOS Lab (part 3) Changing the Router Log For this lesson, we focus on methods for changing router log. You'll learn the value of port assignments, how to use a console port, and about the hardware and PC connections that enable that connectivity. You'll learn what the "Rule of Thumb" for Cisco devices and how that logic applies to changing and configuration tasks. You'll learn what login feature of a router does NOT have a physical port on the router and how to assign virtual ports/line ranges, and what happens when you launch the command, Copy Run Start…

Video Transcription

00:11
the next.
00:12
A number of changes that we're going to make
00:15
are going to be
00:19
to our router log in methods. Now they are too
00:24
ways
00:25
off logging into a router.
00:28
The next part
00:30
that we're gonna configure is how
00:33
are the ports that we use to connect to a rounder?
00:38
So we're gonna make configuration changes to port
00:42
that we use to log into a router.
00:46
Now, one of the ports that is used to log into a router
00:51
is called the Console Port,
00:54
which connects to the console port of a router
00:57
through a council cable to the back end or the communication sport at the back end off a PC.
01:04
Now what does the council cable look like? Well, there is this
01:07
So this r J 45 connector
01:11
that you see this connector is called a registered Jack or R J 45 your regular phones using R J 11.
01:19
This goes into the council porter for outer, and this goes into that serial looking port at the back of your PC that says calm one and come to either one.
01:30
So the rule of thumb Francisco devices, as Faras ports go,
01:37
is to make changes to a port
01:41
you must first go into the port.
01:44
Makes sense. If I ask
01:46
anybody to make changes to a room inside of a house,
01:51
they first have to enter the room, don't they? So, logically speaking, it makes sense that to make changes to report, you must first enter that port
02:00
now to enter. Enter the consul port of her outer. I will say line
02:09
if I can type
02:13
Constable
02:14
zero
02:15
and hit Enter
02:17
Now I know that I'm in my console port because my prop change to config hyphen line.
02:29
Now the first
02:30
change to the consul port I'm going to make and be aware
02:35
when I make changes to the console aboard. Thes changes are only going to affect people that are connected to the router through the console port. If they're connected to the router through any other means. These changes do not apply to those people. These changes apply it to people that connect to this router.
02:53
True,
02:54
the console port.
02:58
So
02:59
the first command we're going to do
03:01
is exact hyphen. Timeout.
03:06
Then if I press question mark, it asked me timeouts in minute.
03:10
So let's say I set the time out to two minutes. Space question mark, and then it stays time out in seconds. And I say
03:20
20
03:21
and I hit. Enter?
03:23
No,
03:24
what this command does. Well, let's change the time out to
03:30
zero.
03:31
20.
03:34
So what this command does is it controls your automatic
03:39
consul, log out.
03:43
So if you're logged into a router
03:46
and let's say you walk away from your table where you logged into a router and you go get coffee,
03:53
technically, what should have happened
03:58
is you log out of that router
04:00
and then you go get coffee because you don't relieve a consul session open like that again because somebody malicious as you walk away could jump on your router and do something bad.
04:14
So
04:15
this exact time out command controls the number of minutes and seconds
04:19
off in activity, after which you automatically gets locked out.
04:26
So when I said exact time out to two minutes, 20 seconds after two minutes, 20 seconds of in activity After two minutes 20 seconds of me not pressing any keys, I will get automatically logged out.
04:39
Then I set the exact time out. I changed it to zero minutes 20 seconds, and as I was talking see what happened.
04:46
The low router automatic me kicked me out.
04:49
This is a safeguard
04:53
for if you forget to log out off a router when you walk away from your desk
04:59
or a Cisco device as you walk away from your desk, it will automatically log you out
05:05
and quite possibly, maybe save your job.
05:09
It is a security feature, so I have to log back in and go to my proof mode by typing and enable. As you see, I only typed in E N and that works just fine.
05:18
Then I type in the password Bob,
05:21
then configure Terminal,
05:25
then back to Lyon, console zero.
05:29
Now in this class,
05:33
there might be times where
05:36
I'm talking and I'm logged into the console and I'm talking for
05:42
three minutes, four minutes, and I believe the default log out. Time is automatic. Log out. Time is three minutes.
05:48
I don't want to get logged out constantly and have to log back in
05:53
so I
05:54
and see a lot got long back out
05:58
because I talked for 20 seconds
06:03
so exact
06:06
timeout 00 Now, by saying exact time out 00
06:16
I have turned automatic console log off feature off.
06:25
Now. You might say, Janine, you said to negate a command. All you have to do is put a no in front off it. Okay? No exact
06:33
timeout
06:34
does the same thing.
06:38
So exact time out. 00
06:42
We'll turn off your automatic log out future,
06:46
and so does no exact time out.
06:49
And we want it this way in this class, for we don't want to constantly be getting timed out and then logged out
06:56
and have to lock back in again.
07:00
Now, the next feature I'm going to discuss,
07:04
I'm going to hit
07:06
and
07:08
and pop back into prove mode to show you something
07:13
So I hit end
07:15
and I hit Enter. Once I press the enter key one time
07:20
you see that this message showed up configured from console by counsel.
07:28
Okay. Configure from consul by con for the council. Basically telling me I've made some configuration changes
07:38
to the console by the council.
07:42
Now, After that, I don't see my are one prompt I should see. This are £1 sign. I don't see it.
07:50
So if at this time I'm typing,
07:54
I know that's gibberish. I'm effectively typing at the end of this line. without having started a new line.
08:03
Now let's see what happens.
08:05
I'm gonna go back into my console port. Let's see what happens if I execute the command logging
08:13
synchronous
08:18
If I say logging synchronous and I hit, enter
08:22
and then I say
08:24
and again to go back to crib mode
08:28
and I hit.
08:28
Enter. You see, This time
08:31
the router started me a new line, for I see a new prompt as previously, I did not see a new prompt.
08:43
Now what the logging synchronous command does
08:46
technically, in technical words
08:50
is it keeps consul logging messages, these messages
08:54
that show up every now and then when you make changes to a rounder.
08:58
So it keeps council logging messages
09:01
from interrupting your typing.
09:05
You're interrupting your command line.
09:07
If you don't have this
09:09
logging synchronous in place, there would be instances where you are typing part of a command, and it's a really long command. You're typing part of a command and in the middle
09:22
this message pops up, configured from consul by console. And then you left typing the other half of the command
09:28
after this line, which makes it confusing,
09:31
So logging synchronous just makes you command line. Ah, lot cleaner by keeping logging council messages from interrupting your typing.
09:45
Let's go back to our Consul Port
09:50
Conflict Terminal to go back to Macon fig mode and then line console zero
09:56
to go back to my console port.
10:00
And now I'm going to set a console level password.
10:05
So I'm going to say
10:07
Password.
10:09
And let's just make this
10:13
Cisco also, let's make it see CNN
10:16
and enter.
10:18
And what type of password am I setting?
10:22
I am sitting,
10:24
Ah, la guine typed password.
10:26
So you put that on a separate line because their other types
10:31
off passwords that I can set over here. Logan is not the only type of passwords. I'm not gonna go into what they are. You'll learn that when you go to your CCMP
10:41
Now, let's test this out as the rule being As soon as we make a change to a router, we test it out immediately.
10:48
And this time, instead of hitting end, remember every time I hit end,
10:54
it took me
10:56
straight back to privilege mode.
10:58
Control Z
11:00
has basically the same effect as end. It takes you immediately back to privilege mode.
11:05
This time around,
11:07
I'm going to say exit,
11:13
and it took me back to config mode. So end, no matter where you are, we'll pop you all the way back
11:20
to prove mode.
11:22
Exit, on the other hand, will pop me back one mode at a time. So when that said Exit, it took me back to config mode. And if I say exit again, he'll take me back to privilege Mood.
11:35
Now let's just go ahead and log completely out of the router
11:43
and I'm logged completely out of the router.
11:48
Now when I hit return or when I hit Enter, I'm going to try and log back in.
11:54
So here I go.
11:56
It asked me for a log in password now in effect when I hit Enter, I'm starting a consul session, and I have set a console password to T C and A.
12:09
I hit Enter and I'm in the router, but I'm in user mode,
12:13
Then to go from user mode
12:16
to privilege mode. I type in enable
12:20
I hit enter and it's asking me for the enable password, which I believe was Bob
12:26
and I hit Enter again and I'm inside of privilege mode. So now I have a full access to the router.
12:35
All right, I'm going to go back to my configure config mode or global config mood,
12:41
my typing configure terminal.
12:45
And now the second way.
12:48
Both
12:48
logging into a router is too remote logging.
12:52
So one of the ways of remotely logging into a router is telling it another way would be a CSH. These things we will cover later on in the class, but basically remote. The remote logging feature in the router does not have a physical port
13:11
because remote Loggins usually you're using an I P address to log into a device that might be sitting in another country or another city are the building across the street
13:22
so remote Loggins. The remote logging feature does not have any physical ports on the router. However. There are assigned virtual ports or virtual lines
13:33
inside of a router.
13:35
So for for remote log and feature,
13:39
you type in line
13:41
VT vie
13:43
the VT Why, I believe stands for virtual teletype.
13:50
Then, if I hit question mark,
13:52
there are a total of 16 ports you can think of for 16 lines that are available for remote log in
14:01
log line zero through 15 0 inclusive that gives me 16 lines
14:07
now. I could do these one at a time. I could say lying Bt Y zero. Enter and do some commands for it
14:15
and then lying be to buy one,
14:16
enter and do some commands for it. Or I could do the whole range by saying zero space 15
14:22
and hitting. Enter.
14:26
So right now, my problem changed to configure line. But I am configuring lines or port. You can think of him as either zero through 15.
14:39
At this time you will see all my commands.
14:41
For example.
14:43
Exactly
14:46
time out. Let's just set this to five or 10 minutes.
14:50
Timeout
14:52
minutes or 10
14:54
seconds
14:56
are zero.
14:58
So I said the exact time out for my remote Logan lines or port to 10 minutes.
15:07
Then
15:07
same thing.
15:09
Logging synchronous.
15:11
It does the same thing that it did for
15:15
the Consul port, as in it keeps
15:18
consul messages from interrupting my command line.
15:22
So however, these commands only apply at this 0.2 people that are remotely logged in to the router. So this 10 minute timeout does not apply to people that are console them to the council port for them. The time out of 00 which means it's the feature is turned off
15:41
for people that I remotely logging in
15:43
their time out is 10 minutes. Then the logging synchronous command is the same.
15:50
After that, I'm going to set a password.
15:52
Let's said this the same two c c n a. And then the type of password it is.
15:58
It's a log in password.
16:00
Now I want to look at my
16:06
Aram again or my running conflict. The configuration changes that I have made to my lab up until now.
16:14
Now, remember, we did the show running config command from privilege mode. Previously,
16:21
I can do that same command from this mode by typing and do just putting a do in front of the show command Do show running
16:33
config. When I hit enter,
16:36
I see my previous convicts that I had done and I'm going to scroll using the enter key.
16:42
I'm just holding down the enter key. You can using the enter key for every enter I press I scroll one line using the space bar for every time I press it. I screw up one page.
16:56
So
16:56
here the changes I've made,
17:00
I have
17:03
I have my line con zero, which is my line console zero. My exact time out. A 00
17:12
My password is CNN. I have logging synchronous, and the type of password it is is log in. It's a log in password
17:22
and this commands executed for the line BT Y 0 to 15 are broken down in segments or ports of 50 to 4 and then 5 to 15
17:33
and all the commands are there
17:34
now. Unfortunately, here
17:37
you still see your log in Password ccnet
17:41
as exposed and your remote log in password that CC and has exposed in clear text,
17:47
which again, is not a good thing.
17:51
So there's a command to fix that.
17:55
I type in exit
17:56
and go back. One mo took my global contract mode
18:02
and then I say,
18:06
service
18:10
password encryption.
18:11
So if service password hyphen, encryption and I hit enter,
18:18
let's look at our running configure again or are RAM Do show
18:23
running
18:26
config.
18:27
You'll notice that that original Cisco
18:32
that was visible is encrypted.
18:34
Scrolling to the end were my console port and my VT by lines are
18:40
the sea CNN password has also been encrypted.
18:45
So
18:47
this command
18:48
service password encryption
18:52
make note. If it
18:53
could be a test question.
18:55
It encrypts all current and future passwords.
19:00
Okay, the service password command encrypts all current and future passwords.
19:11
All right,
19:12
now,
19:15
at this point, I'm not going to do it. But if I were to power cycle
19:21
this router, I would lose everything
19:22
because everything is on Lee sitting in my running config.
19:27
If I look at my
19:30
startup config,
19:33
what does it say? Startup config is not present. I haven't saved anything yet. There's nothing in there.
19:40
So
19:42
to save my work I execute the command Copy
19:48
Then the source file name which is my running config
19:52
and then the destination file name which is my startup config. So I can copy my running config to my startup conflict I hit Enter
20:03
and it asked me should I really do this?
20:07
And I enter again and it says building configuration
20:11
Now if I check for my startup config
20:14
by executing the command show startup config
20:18
You see, I have a startup config which matches my running configuration at this point
20:25
Now, during the course of this command this class during the course of this class, the sure startup config too. I mean, show I mean, copy running config to start up and fig is too long.
20:37
The copy running config.
20:40
Startup Conflict command is too long for me at least.
20:42
The copy.
20:45
Run start. I could have just said Copy.
20:48
Run
20:49
whips. Copy. Run! Which stands for running convict Short for running convict To start,
20:56
we'll do it to still too long.
21:02
So for the purposes of the test, please remember the copy
21:07
running
21:11
if I could type
21:14
running convict to start up Conflict Command, for example. Remember this for the exam? But later on, when we're covering other stuff and I need to quickly save
21:23
I'm going to do the command, right?
21:26
Memory?
21:27
No,
21:29
it does the same as copy running config to start up conflict. Actually, I'm gonna shorten right memory to just w r and hit enter. And it does the same thing saves me time and saves us a bit of headache from me factor angering the long version of the command. However, the long version
21:48
of copy running config to start a conflict, you need to remember for the exam.
21:56
This concludes what I call the housekeeping
22:00
portion
22:02
off this class off the configuration section for this class

Up Next

Cisco Certified Network Associate (CCNA) Certification

Our online, self-paced Cisco Certified Network Associate CCNA training teaches students to install, configure, troubleshoot and operate LAN, WAN and dial access services for medium-sized networks. You'll also learn how to describe the operation of data networks.

Instructed By

Instructor Profile Image
Junaid Memon
Instructor