home       basis       routing       switching       advanced       security       overig       testen      

0.0 The routers have been pre-configured with the following:
0.1 Enable secret password: ciscoenpa55
0.2 OSPF routing protocol with MD5 authentication using password: 
MD5pa55
0.3 Note: The console and vty lines have not been pre-configured.

1.0 Put ip's next to clients and server

1.1 Ping ok

1.2 change enable secret to something better (sdf12345) on all machines

1.2-5 
R1(config)# username Admin1 secret admin1pa55
R1(config)#username Admin1 secret admin1pa55
R1(config)#aaa authentication login default local
R1(config)#line con 0
R1(config-line)#login auth default
R1(config-line)#end
R1#exit
 ----------------------------
User Access Verification
Username: Admin1
Password: admin1pa55
R1>en
Password: sdf12345
R1#
 ----------------------------
part 2
 ----------------------------
R1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R1(config)#ip domain-name ccnasecurity.com
R1(config)#crypto key gen rsa
The name for the keys will be: R1.ccnasecurity.com
Choose the size of the key modulus in the range of 360 to 2048 for your
  General Purpose Keys. Choosing a key modulus greater than 512 may take
  a few minutes.
 
How many bits in the modulus [512]: 2048
% Generating 2048 bit RSA keys, keys will be non-exportable...[OK]
 
R1(config)#aaa authentication login SSH-LOGIN local
*Mar 1 0:24:41.645:  %SSH-5-ENABLED: SSH 1.99 has been enabled 
R1(config)#line vty 0 15
R1(config-line)#login authe SSH-LOGIN
R1(config-line)#transp inp ssh
R1(config-line)#end
R1#
%SYS-5-CONFIG_I: Configured from console by console

test PC1

Packet Tracer PC Command Line 1.0
PC>ssh -l Admin1 192.168.1.1
Open
Password: 
R1>
R1>exit

part 3

R2>en
Password: 
Password: 
Password: 
R2#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R2(config)#username Admin2 secret admin2pa55
R2(config)#tacacs-server host 192.168.2.2
R2(config)#tacacs-server key tacacspa55
R2(config)#aaa new-model
R2(config)#aaa authe login def group tacacs+ local
R2(config)#line con 0
R2(config-line)#login authe def
R2(config-line)#end
R2#
%SYS-5-CONFIG_I: Configured from console by console
R2#exit

part4

R3>en
Password: 
R3#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R3(config)#username Admin3 secret admin3pa55
R3(config)#radius-server host 192.168.3.2
R3(config)#radius-server key radiuspa55
R3(config)#aaa new-model
R3(config)#aaa authe login def group radius local
R3(config)#line con 0
R3(config-line)#login authe def
R3(config-line)#end
R3#
%SYS-5-CONFIG_I: Configured from console by console
R3#exit

voeg een entry toe in service AAA op radius server en test op R3

voeg een entry toe in service AAA op tacacs+ server en test op R2

3612-part2-solved