All kinds of Cisco router Modes

This article will discuss the importance of maintaining the password security of a Cisco router, explain the Cisco router mode, and show readers how to configure five passwords for a vro to protect network security.

Causes of vro security protection using passwords

First, as a Cisco device administrator, we must realize that vrouters do not have any automated password defense. The Administrator must take the password settings of Cisco devices seriously. The soul of a Cisco device is IOS, which has different Cisco router modes. These Cisco router modes are set in different levels, which means that the deeper the access, the more privileges are required, and the more passwords are set for each corresponding layer.

User Mode

In user mode, the basic interface information of the router is displayed. Some people think that this Cisco router mode is useless because configuration changes cannot be made in this mode, and users cannot view any important information.

Privileged Mode

The administrator can view and change the configuration in this mode. I believe that it is absolutely important to have a set of passwords at this level. To switch from user mode to privileged mode, the administrator needs to enter the enabel command and press the Enter key:

Global Configuration Mode

In privileged mode, we can now access global configuration mode. Here, we can make changes that affect the operation of the entire router. These changes include, of course, configuration changes. As an administrator, we need to go further to the vro command to make reasonable changes to its configuration. The following is an example of accessing this mode:

Correctly configure five passwords

First, you must know that Cisco IOS has five major passwords: Console password, AUX password, VTY password, Enable password, and Enable secret password. The following are analyzed respectively.

Console Password

If a user does not set a password on the vro console, other users can access the user mode. If no password is set for other Cisco vro modes, others can easily enter other Cisco router modes. The Console port is the place where the user first sets the new router. It is extremely important to set a password on the Console port of the vro, because this prevents others from connecting to the vro and accessing the user mode. Because each vro has only one console port, you can use the line console 0 command in global configuration, and then use the login and password commands to complete the settings. Here, the password command is used to set an appropriate password, as shown below:

Enable password-Enable password

The enable password command Prevents someone from obtaining full access to the vro. The Enable command can be used to switch between 16 security levels, such as 0-15, and so on, on different security levels of the vro ). However, it is most commonly used from Cisco router Mode Level 1) to privileged Mode Level 15 ). In fact, if you are in user mode and the user type the enable command, this command assumes that you are in privileged mode. If you want to set a password to control the user's switch from user mode to privileged mode, you need to enter global configuration mode and use the enable password command, as shown below: the bad side of the Enable password command is that it is easily guessed by others, which is why we need to use enabel secret.

Enable secret-Enable Encryption

Enable the encryption password is the same as enable password. However, by using "enable secret", the password is stored in a more robust form of encryption: Router (config) # enable secret SecR3t! Enable, in many cases, many network paralysis is caused by lack of password security. Therefore, the Administrator must ensure that the vswitch and vro passwords are correctly set.