A number of changes that we're going to make
to our router log in methods. Now they are too
off logging into a router.
that we're gonna configure is how
are the ports that we use to connect to a rounder?
So we're gonna make configuration changes to port
that we use to log into a router.
Now, one of the ports that is used to log into a router
is called the Console Port,
which connects to the console port of a router
through a council cable to the back end or the communication sport at the back end off a PC.
Now what does the council cable look like? Well, there is this
So this r J 45 connector
that you see this connector is called a registered Jack or R J 45 your regular phones using R J 11.
This goes into the council porter for outer, and this goes into that serial looking port at the back of your PC that says calm one and come to either one.
So the rule of thumb Francisco devices, as Faras ports go,
is to make changes to a port
you must first go into the port.
Makes sense. If I ask
anybody to make changes to a room inside of a house,
they first have to enter the room, don't they? So, logically speaking, it makes sense that to make changes to report, you must first enter that port
now to enter. Enter the consul port of her outer. I will say line
Now I know that I'm in my console port because my prop change to config hyphen line.
change to the consul port I'm going to make and be aware
when I make changes to the console aboard. Thes changes are only going to affect people that are connected to the router through the console port. If they're connected to the router through any other means. These changes do not apply to those people. These changes apply it to people that connect to this router.
the first command we're going to do
is exact hyphen. Timeout.
Then if I press question mark, it asked me timeouts in minute.
So let's say I set the time out to two minutes. Space question mark, and then it stays time out in seconds. And I say
what this command does. Well, let's change the time out to
So what this command does is it controls your automatic
So if you're logged into a router
and let's say you walk away from your table where you logged into a router and you go get coffee,
technically, what should have happened
is you log out of that router
and then you go get coffee because you don't relieve a consul session open like that again because somebody malicious as you walk away could jump on your router and do something bad.
this exact time out command controls the number of minutes and seconds
off in activity, after which you automatically gets locked out.
So when I said exact time out to two minutes, 20 seconds after two minutes, 20 seconds of in activity After two minutes 20 seconds of me not pressing any keys, I will get automatically logged out.
Then I set the exact time out. I changed it to zero minutes 20 seconds, and as I was talking see what happened.
The low router automatic me kicked me out.
for if you forget to log out off a router when you walk away from your desk
or a Cisco device as you walk away from your desk, it will automatically log you out
and quite possibly, maybe save your job.
It is a security feature, so I have to log back in and go to my proof mode by typing and enable. As you see, I only typed in E N and that works just fine.
Then I type in the password Bob,
then configure Terminal,
then back to Lyon, console zero.
there might be times where
I'm talking and I'm logged into the console and I'm talking for
three minutes, four minutes, and I believe the default log out. Time is automatic. Log out. Time is three minutes.
I don't want to get logged out constantly and have to log back in
and see a lot got long back out
because I talked for 20 seconds
timeout 00 Now, by saying exact time out 00
I have turned automatic console log off feature off.
Now. You might say, Janine, you said to negate a command. All you have to do is put a no in front off it. Okay? No exact
does the same thing.
So exact time out. 00
We'll turn off your automatic log out future,
and so does no exact time out.
And we want it this way in this class, for we don't want to constantly be getting timed out and then logged out
and have to lock back in again.
Now, the next feature I'm going to discuss,
and pop back into prove mode to show you something
and I hit Enter. Once I press the enter key one time
you see that this message showed up configured from console by counsel.
Okay. Configure from consul by con for the council. Basically telling me I've made some configuration changes
to the console by the council.
Now, After that, I don't see my are one prompt I should see. This are £1 sign. I don't see it.
So if at this time I'm typing,
I know that's gibberish. I'm effectively typing at the end of this line. without having started a new line.
Now let's see what happens.
I'm gonna go back into my console port. Let's see what happens if I execute the command logging
If I say logging synchronous and I hit, enter
and again to go back to crib mode
Enter. You see, This time
the router started me a new line, for I see a new prompt as previously, I did not see a new prompt.
Now what the logging synchronous command does
technically, in technical words
is it keeps consul logging messages, these messages
that show up every now and then when you make changes to a rounder.
So it keeps council logging messages
from interrupting your typing.
You're interrupting your command line.
If you don't have this
logging synchronous in place, there would be instances where you are typing part of a command, and it's a really long command. You're typing part of a command and in the middle
this message pops up, configured from consul by console. And then you left typing the other half of the command
after this line, which makes it confusing,
So logging synchronous just makes you command line. Ah, lot cleaner by keeping logging council messages from interrupting your typing.
Let's go back to our Consul Port
Conflict Terminal to go back to Macon fig mode and then line console zero
to go back to my console port.
And now I'm going to set a console level password.
And let's just make this
Cisco also, let's make it see CNN
And what type of password am I setting?
Ah, la guine typed password.
So you put that on a separate line because their other types
off passwords that I can set over here. Logan is not the only type of passwords. I'm not gonna go into what they are. You'll learn that when you go to your CCMP
Now, let's test this out as the rule being As soon as we make a change to a router, we test it out immediately.
And this time, instead of hitting end, remember every time I hit end,
straight back to privilege mode.
has basically the same effect as end. It takes you immediately back to privilege mode.
I'm going to say exit,
and it took me back to config mode. So end, no matter where you are, we'll pop you all the way back
Exit, on the other hand, will pop me back one mode at a time. So when that said Exit, it took me back to config mode. And if I say exit again, he'll take me back to privilege Mood.
Now let's just go ahead and log completely out of the router
and I'm logged completely out of the router.
Now when I hit return or when I hit Enter, I'm going to try and log back in.
It asked me for a log in password now in effect when I hit Enter, I'm starting a consul session, and I have set a console password to T C and A.
I hit Enter and I'm in the router, but I'm in user mode,
Then to go from user mode
to privilege mode. I type in enable
I hit enter and it's asking me for the enable password, which I believe was Bob
and I hit Enter again and I'm inside of privilege mode. So now I have a full access to the router.
All right, I'm going to go back to my configure config mode or global config mood,
my typing configure terminal.
And now the second way.
logging into a router is too remote logging.
So one of the ways of remotely logging into a router is telling it another way would be a CSH. These things we will cover later on in the class, but basically remote. The remote logging feature in the router does not have a physical port
because remote Loggins usually you're using an I P address to log into a device that might be sitting in another country or another city are the building across the street
so remote Loggins. The remote logging feature does not have any physical ports on the router. However. There are assigned virtual ports or virtual lines
So for for remote log and feature,
the VT Why, I believe stands for virtual teletype.
Then, if I hit question mark,
there are a total of 16 ports you can think of for 16 lines that are available for remote log in
log line zero through 15 0 inclusive that gives me 16 lines
now. I could do these one at a time. I could say lying Bt Y zero. Enter and do some commands for it
and then lying be to buy one,
enter and do some commands for it. Or I could do the whole range by saying zero space 15
So right now, my problem changed to configure line. But I am configuring lines or port. You can think of him as either zero through 15.
At this time you will see all my commands.
time out. Let's just set this to five or 10 minutes.
So I said the exact time out for my remote Logan lines or port to 10 minutes.
It does the same thing that it did for
the Consul port, as in it keeps
consul messages from interrupting my command line.
So however, these commands only apply at this 0.2 people that are remotely logged in to the router. So this 10 minute timeout does not apply to people that are console them to the council port for them. The time out of 00 which means it's the feature is turned off
for people that I remotely logging in
their time out is 10 minutes. Then the logging synchronous command is the same.
After that, I'm going to set a password.
Let's said this the same two c c n a. And then the type of password it is.
It's a log in password.
Now I want to look at my
Aram again or my running conflict. The configuration changes that I have made to my lab up until now.
Now, remember, we did the show running config command from privilege mode. Previously,
I can do that same command from this mode by typing and do just putting a do in front of the show command Do show running
config. When I hit enter,
I see my previous convicts that I had done and I'm going to scroll using the enter key.
I'm just holding down the enter key. You can using the enter key for every enter I press I scroll one line using the space bar for every time I press it. I screw up one page.
here the changes I've made,
I have my line con zero, which is my line console zero. My exact time out. A 00
My password is CNN. I have logging synchronous, and the type of password it is is log in. It's a log in password
and this commands executed for the line BT Y 0 to 15 are broken down in segments or ports of 50 to 4 and then 5 to 15
and all the commands are there
now. Unfortunately, here
you still see your log in Password ccnet
as exposed and your remote log in password that CC and has exposed in clear text,
which again, is not a good thing.
So there's a command to fix that.
and go back. One mo took my global contract mode
So if service password hyphen, encryption and I hit enter,
let's look at our running configure again or are RAM Do show
You'll notice that that original Cisco
that was visible is encrypted.
Scrolling to the end were my console port and my VT by lines are
the sea CNN password has also been encrypted.
service password encryption
could be a test question.
It encrypts all current and future passwords.
Okay, the service password command encrypts all current and future passwords.
at this point, I'm not going to do it. But if I were to power cycle
this router, I would lose everything
because everything is on Lee sitting in my running config.
what does it say? Startup config is not present. I haven't saved anything yet. There's nothing in there.
to save my work I execute the command Copy
Then the source file name which is my running config
and then the destination file name which is my startup config. So I can copy my running config to my startup conflict I hit Enter
and it asked me should I really do this?
And I enter again and it says building configuration
Now if I check for my startup config
by executing the command show startup config
You see, I have a startup config which matches my running configuration at this point
Now, during the course of this command this class during the course of this class, the sure startup config too. I mean, show I mean, copy running config to start up and fig is too long.
The copy running config.
Startup Conflict command is too long for me at least.
Run start. I could have just said Copy.
whips. Copy. Run! Which stands for running convict Short for running convict To start,
we'll do it to still too long.
So for the purposes of the test, please remember the copy
running convict to start up Conflict Command, for example. Remember this for the exam? But later on, when we're covering other stuff and I need to quickly save
I'm going to do the command, right?
it does the same as copy running config to start up conflict. Actually, I'm gonna shorten right memory to just w r and hit enter. And it does the same thing saves me time and saves us a bit of headache from me factor angering the long version of the command. However, the long version
of copy running config to start a conflict, you need to remember for the exam.
This concludes what I call the housekeeping
off this class off the configuration section for this class