拓扑
(1.)配置主机名跟路由器地址
Switch>EN
Switch#conf te
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#hos
Switch(config)#hostname S1
R1(config)#interface f0/0
R1(config-if)#no shut
R1(config-if)#no shutdown
R1(config-if)#ip address 172.16.0.1 255.255.255.0
R2(config)#interface f0/0
R2(config-if)#no shu
R2(config-if)#ip address 172.16.0.2 255.255.255.0
(2) 配置基本安全措施
S1(config)#enable secret cisco
S1(config)#service password-encryption
S1(config)#line vty 0 15
S1(config-line)#password cisco
S1(config-line)#login
S1(config)#line console 0
S1(config-line)#password cisco
S1(config-line)#login
(3) 接口基本配置
S1(config)#interface f0/1 //进入端口
S1(config-if)#duplex full //配置全双工
S1(config-if)#speed 100 //端口速率
S1(config-if)#mdix auto //启用介质检测功能
S1(config-if)#description con to sw //在接口配置描述
S1(config-if)#
(4)配置管理地址
S1(config)#interface vlan 1
S1(config-if)#ip address 172.168.0.100 255.255.255.0
S1(config-if)#no shut
S1(config)#ip default-gateway 172.16.0.254
(5.)配置SSH
S1(config)#ip domain-name ccnpcisco.com
//以上配置域名,生成秘钥时需要
S1(config)#crypto key generate rsa
The name for the keys will be: S1.ccnpcisco.com
Choose the size of the key modulus in the range of 360 to 2048 for your
General Purpose Keys. Choosing a key modulus greater than 512 may take
a few minutes.
How many bits in the modulus [512]:
% Generating 512 bit RSA keys, keys will be non-exportable...[OK]
S1(config-line)#login local
//SSH需要用户名密码,以上配置密码存放在本地,及交换机配置文件中
S1(config-line)#exit
S1(config)#username test secret cisco
//以上配置用户名 密码
S1(config)#
Telnet测试
R2#telnet 172.16.0.100
Trying 172.16.0.100 ...Open
User Access Verification
Username: cisco
Password:
% Login invalid
Username: test
Password:
S1>exit
[Connection to 172.16.0.100 closed by foreign host]
R2#
R2#
R2#ssh -l test 172.16.0.100 //ssh登陆测试
Open
Password:
S1>
