进入特权模式

enable 或 en

进入全局模式

config terminal 或 conf t

超时时间配置

line c 0
exec-timeout 30
exit
line vty 0 4
exec-timeout 30
exit
end

显示配置信息

show run

登录失败处理

login block-for 1800 attempts 5 within 600
login on-failure trap

关闭不必要的服务

no service tcp-small-server
no service udp-small-server
no cdp run
no cdp enable
no ip finger
no service finger
no ipbootp server
no ip proxy-arp
no ip directed-broadeast
no ip domain-look up

配置密码

enable
conf t
line c 0
password sw123321
login
login local
exit

配置enable 密码

enable password user123
enable secret user123

新建用户

username user123 password user123
username user123 privilege 15 password user123

加密

service password-encryption


line vty 0 4
password user123
login
login local
exit

修改

hostname user123
username user123 password user123

login local
transport input ssh

配置密码复杂度

line c 0
password min-length 8
password lower-case 1
password numeric-count 1
password special-case 1
password upper-case 1

line vty 0 4
password min-length 8
password lower-case 1
password numeric-count 1
password special-case 1
password upper-case 1


logging syn
line vty 0 4
password user123
login

给交换机配置管理IP

vlan 1
int vlan 1
ip address 192.168.0.10 255.255.255.0
no shut

新建用户

aaa new-model
aaa authentication login default local
username auditadmin privilege 1 password p123456#
username secadmin privilege 1 password p123456#
username sysadmin privilege 1 password p123456#

将交换机日志推送到日志服务器

logging on
logging trap information
logging 192.168.0.11
logging facility local6
logging source-interface vlan 1

配置日期时间

clock set 14:14:00 17 aug 2021

标签: 思科交换机, 思科, 交换机, cisco

添加新评论