Section 10 – System Management – 6 Points
10.1 IOS Management
Configure r4 to be managed via HTTP:
Use TCP port 8080
Only permit access from the 136.1.2.0/24 subnet
Authenticate users using local username WEB and the password CISCO
This password should be stored in the router’s configuration as an MD5 hash.
r4(config)#username WEB secretCISCO
r4(config)#do sh run | i access-list|ip http|username WEB
username WEB secret 5 $1$lzG6$LoWdN/bOqK9kZtQZZieV//
ip http server
ip http port 8080
ip http access-class 69
ip http authentication local
!
access-list 69 permit 136.1.2.0 0.0.0.255
Cool verification:
r4#sh ip http server status
HTTP server status: Enabled
HTTP server port: 8080
HTTP server authentication method: local
HTTP server access class: 69
HTTP server base path:
Maximum number of concurrent server connections allowed: 5
Server idle time-out: 180 seconds
Server life time-out: 180 seconds
Maximum number of requests allowed on a connection: 1
HTTP server active session modules: ALL
HTTP secure server capability: Present
HTTP secure server status: Disabled
HTTP secure server port: 443
HTTP secure server ciphersuite: 3des-ede-cbc-sha des-cbc-sha rc4-128-md5 rc4-128-sha
HTTP secure server client authentication: Disabled
HTTP secure server trustpoint:
HTTP secure server active session modules: ALL
10.2 File Management
Okay, this question completely mindfucked me. Definitely read the breakdown on this task. It combines an interesting bit of ROMMON magic with a neat trick with the alias command.
10.3 Autoinstall
Autoinstall….another one of the technologies that I haven’t gotten around to playing with yet. Another skipped task. 🙂 I did print out the PDF of the following page (all 54 pages 😦 ) and will review it later:
Using AutoInstall to Remotely Configure Cisco Networking Devices
Leave a Reply