Table of Contents
In this section, we will discuss how to set passwords in a Cisco Router and their commands with examples.
How to set passwords in a Cisco Router
Network security is a major concern, while we deploy the router in a data network. The router works uninterruptedly in a network, thus it is more vulnerable to external threats and unauthorized access to the network.
In order to prevent and protect the network from unwanted threats and unauthorized access, the router must be password protected.
Types of Password
The different levels of passwords are set to access the router. There are five different passwords that can be set on a Cisco Router.
- Enable Password
- Enable Secret Password
- Line Console Password
- Line Auxiliary Password
- Telnet or VTY Password
Enable and Enable Secret passwords are called the Privileged mode password. These two passwords are set to go from User Exec Mode to the Privileged Exec Mode. The Enable Secret password is encrypted by default.
The other three passwords i.e. Line Console, Line Aux, and VTY passwords are set to gain access to the router.
Enable Password
Enable password is set on the router in order to go from user exec mode to the privileged exec mode. The CLI command to set enable password is:
Router>ENABLE
Router#CONFIGURE TERMINAL Router(config)#ENABLE PASSWORD 1234 |
Enable Secret Password
Enable secret password is also set to go from user exec mode to the privileged mode. However, it has higher precedence than the Enable password. Also, the Enable Secret password is encrypted by default with the MD5 Hash function. That means, Enable Secret password is more secure than Enable password.
Passwords are part of configuration files. Hence, the enable password can be seen as plain text, whereas the enable secret password is seen as the encrypted format.
Router>ENABLE
Router#CONFIGURE TERMINAL Router(config)#ENABLE SECRET 12345 |
Line Console Password
Line console password is set to the router when it is accessed physically using the Console port. The command for configuring line console password is:
Router>ENABLE
Router#CONFIGURE TERMINAL Router(config)#LINE CONSOLE 0 Router(config-line)#LOGIN Router(config-line)#PASSWORD 123456 |
Line Auxiliary Password
The auxiliary password is set on the router when it is required to be gained access from the remote location using the modem. The password for line aux is :
Router>ENABLE
Router#CONFIGURE TERMINAL Router(config)#LINE AUX 0 Router(config-line)#LOGIN Router(config-line)#PASSWORD 123456 |
Telnet or VTY Password
VTY password is set on the router when it is accessed through remote login using telnet service. By default, the Cisco router supports 5 telnet sessions simultaneously. The same password can be set for all the telnet sessions. The command for VTY password are as:
Router>ENABLE
Router#CONFIGURE TERMINAL Router(config)#LINE VTY 0 4 Router(config-line)#LOGIN Router(config-line)#PASSWORD 123456 |
← Prev | Next → | |
Cisco IOS Basic Commands | Layer2 and Layer3 Switches |
Excellent Sir 👌