Console Port Security Configuration on a Cisco Router - Netizzan

Console Port Security Configuration on a Cisco Router

In network administration, configuring access to the console port of a Cisco router is essential for local management and troubleshooting. Access to the console port allows administrators to configure the router directly, even when remote access methods such as SSH or Telnet are unavailable. In this blog post, we’ll explore two methods of configuring console port access on a Cisco router.

Network Topology

The network topology we will be making use of is shown below. In this post, we will be configuring console port security on the router so that the PC needs to be authenticated before it can establish a connection to the router using a console cable.

topology for console security configuration

How to configure Console port security on cisco Router

There are two methods to configure console port security on a Cisco router. Method 1 uses both username and password, and Method 2 uses only password to authenticate users.

Let go through configuration procedure for each of them.

Method 1:

This method uses both a username and password to authenticate the user
Here are steps to enable it:.

Step 1: Configure Router (R1)

R1(config)#username admin privilege 15 secret 12345
R1(config)#line console 0
R1(config-line)#login local
R1(config-line)#exit

Here’s a brief explanation for each of the commands:

  1. R1(config)#username admin privilege 15 secret 12345:
    • This command is used to create a local user account named “admin” with a privilege level of 15 on the router.
    • The “privilege 15” parameter sets the user’s privilege level to the highest level, granting full access to all router commands.
    • The “secret 12345” parameter sets the password for the user account. The password is stored securely using a cryptographic hash function.
  2. R1(config)#line console 0:
    • This command enters the configuration mode for the console port on the router.
    • The “console 0” parameter specifies the console port number, which is typically 0 for the first console port.
  3. R1(config-line)#login local:
    • This command enables local login authentication for the console port.
    • When a user attempts to access the router via the console port, they will be prompted to enter a username and password.
    • The router will then verify the entered credentials against the locally configured username and password database. If the credentials match, access will be granted.

Step 2: Test Console Connection

Connect to the console port of the router using a console cable and terminal emulation software.

User Access Verification

Username: admin
Password: 12345 

Method 2

This Method uses only password to authenticate console connection to a Cisco Router

Here are steps to configure port security on the cisco router.

Step 1: Configure Router (R1)

R1(config)#line console 0
R1(config-line)#password 123456
R1(config-line)#login
R1(config-line)#exit 

Here’s a brief explanation for each of the commands:

  1. R1(config)#line console 0:
    • This command enters the configuration mode for the console port on the router.
    • The “console 0” parameter specifies the console port number, which is typically 0 for the first console port.
    • Entering this command allows you to configure settings specific to the console port.
  2. R1(config-line)#password 123456:
    • This command sets a password for accessing the router via the console port.
    • The password “123456” specified in this command is used for authentication purposes when a user attempts to access the router through the console port.
    • It’s essential to set a strong and secure password to prevent unauthorized access to the router’s configuration.
  3. R1(config-line)#login:
    • This command enables login authentication for the console port.
    • When a user attempts to access the router through the console port, they will be prompted to enter a username and password.
    • Enabling login authentication ensures that access to the console port is protected and requires valid credentials for entry.
  4. R1(config-line)#exit:
    • This command exits the configuration mode for the console port and returns to the global configuration mode.
    • It’s used to conclude the configuration of settings specific to the console port before moving on to configure other aspects of the router.
    • Exiting the configuration mode ensures that any changes made to the console port configuration are applied and saved.

Step 2: Test Console Connection

Connect to the console port of the router using a console cable and terminal emulation software.

Password: 123456 

Related:

How to Configure Telnet on a Cisco Router

How to Configure SSH on a Cisco Router

Reference: https://github.com/misterkrittin/CCNA-Labs

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top