Professional Documents
Culture Documents
Router>enable
Router#config t
Router(config)#
Once you get into global configuration mode you can set enable password using
enable password [your password] command.
Router>enable
Password:
Enable Secret
This is the new encrypted password overrides enable password. To set enable secret
use the following command
Router>enable
Router#config t
Router(config)#enable password mynetworkinglabs
Router(Config)#enable secret waleed
Console Password:
To configure a console user-mode password use the Line command from global
configuration mode. There is only one console port on all routers so command is line
console 0
Here is an example:
Router#config t
Router(config)#line console 0
Router(config-line)#
Login: This tells router to look under console line configuration for password. If
you do not use this command router will not prompt you for password while
connecting to routers console port.
Password: This sets the password for console user-mode. It is case sensitive.
Router#config t
Router(config)#line console 0
Router(config-line)#login
Router(config-line)#password waleed
Router(config)#line ?
< 0-4> First Line Number
aux
Auxiliary line
console
vty
Virtual terminal
At this point, you can choose the correct command you need. Here is an example of
setting the aux port on a Cisco router to prompt for a user-mode password with a
console cable connected (this port can be used with or without a modem):
Router#config t
Router(config)#line aux 0
Router(config-line)#login
Router(config-line)#password cisco
VTY (Telnet)
The Virtual Teletype (VTY) lines are used to configure Telnet access to a Cisco router.
As I mentioned earlier, the VTY lines must be configured for Telnet to be successful.
Here is an example of an administrators attempt to Telnet to a router that does not
have the VTY lines configured:
Router#config t
Router(config)#line vty 0 ?
<0-4> Last Line Number
<cr>< br/>Router(config)#line vty 0 4
Router(config-line)#login
Router(config-line)#password cisco
Notice that you choose all the lines available for the most efficient configuration. You
can set each line individually, but because you cannot choose the line you enter the
router with when you Telnet, this can cause problems.
You can tell the router to allow Telnet connections without a password by using the No
Login command:
Router(config)#line vty 0 4
Router(config-line)#no login
Router#config t
Router(config)#service password-encryption
Router(config)#enable password waleed
Router(config)#line vty 0 4
Router(config-line)#login
Router(config-line)#password waleed
Router(config-line)#line con 0
Router(config-line)#login
Router(config-line)#password cisco
Router(config-line)#line aux 0
Router(config-line)#login
Router(config-line)#password khaliqi
Router(config-line)#exit
Router(config)#no service password-encryption
Router(config)#enable secret khaliqi
Router(config)#^Z
All of the passwords can be the same except the Enable Password and the Enable
Secret passwords. You should make them different for security reasons, however.
Conclusion
It is extremely important to set your passwords on every Cisco router your company
has. If you are studying for your Cisco certification exams, be sure you understand the
passwords and how to set them. Remember the difference between the Enable Secret
and the Enable password and that the Enable Secret password supercedes the Enable
password if its set.
I have taken care in preparation of the content contained herein but make no
expressed or implied warranty of any kind and assume no responsibility for errors or
omissions. No liability is assumed for any damages. Always have a verified backup
before making any changes.
May peace be with you.