A continuación les dejo con la manera de configurar vuestros routers con protocolos seguros:
CONFIGURAR SSH EN EL ROUTER
CONFIGURAR SSH EN EL ROUTER
MADRID>ena
MADRID#conf t
Enter configuration commands, one per line. End with CNTL/Z.
MADRID(config)#ip domain-name madrid.com
MADRID(config)#crypto key generate rsa
The name for the keys will be: MADRID.madrid.com
Choose the size of the key modulus in the range of 360 to 2048 for your
General Purpose Keys. Choosing a key modulus greater than 512 may take
a few minutes.
MADRID#conf t
Enter configuration commands, one per line. End with CNTL/Z.
MADRID(config)#ip domain-name madrid.com
MADRID(config)#crypto key generate rsa
The name for the keys will be: MADRID.madrid.com
Choose the size of the key modulus in the range of 360 to 2048 for your
General Purpose Keys. Choosing a key modulus greater than 512 may take
a few minutes.
How many bits in the modulus [512]: 1024
% Generating 1024 bit RSA keys, keys will be non-exportable...[OK]
% Generating 1024 bit RSA keys, keys will be non-exportable...[OK]
MADRID(config)#username user secret user
*mar 1 1:19:30.219: %SSH-5-ENABLED: SSH 1.99 has been enabled
MADRID(config)#line vty 0 15
MADRID(config-line)#login local
MADRID(config-line)#transport input ssh
MADRID(config-line)#^Z
MADRID#
%SYS-5-CONFIG_I: Configured from console by console
*mar 1 1:19:30.219: %SSH-5-ENABLED: SSH 1.99 has been enabled
MADRID(config)#line vty 0 15
MADRID(config-line)#login local
MADRID(config-line)#transport input ssh
MADRID(config-line)#^Z
MADRID#
%SYS-5-CONFIG_I: Configured from console by console
MADRID#sh ip ssh
SSH Enabled - version 1.99
Authentication timeout: 120 secs; Authentication retries: 3
MADRID#conf t
Enter configuration commands, one per line. End with CNTL/Z.
MADRID(config)#ip ssh version 2
MADRID(config)#ip ssh time-out 60
MADRID(config)#ip ssh authentication-retries 2
MADRID(config)#^Z
MADRID#
%SYS-5-CONFIG_I: Configured from console by console
SSH Enabled - version 1.99
Authentication timeout: 120 secs; Authentication retries: 3
MADRID#conf t
Enter configuration commands, one per line. End with CNTL/Z.
MADRID(config)#ip ssh version 2
MADRID(config)#ip ssh time-out 60
MADRID(config)#ip ssh authentication-retries 2
MADRID(config)#^Z
MADRID#
%SYS-5-CONFIG_I: Configured from console by console
MADRID#sh ip ssh
SSH Enabled - version 2.0
Authentication timeout: 60 secs; Authentication retries: 2
MADRID#write
Building configuration...
[OK]
MADRID#
SSH Enabled - version 2.0
Authentication timeout: 60 secs; Authentication retries: 2
MADRID#write
Building configuration...
[OK]
MADRID#
CONFIGURAR HTTPS EN EL ROUTER
MADRID(config)#no ip http server
MADRID(config)#ip https secure server
MADRID(config)#ip http auth local
MADRID(config)#ip https secure server
MADRID(config)#ip http auth local
CONCLUSION:
Esta configuración proveé al router de una seguridad altisima al haber desabilitado los protocolos inseguros Telnet y HTTP y habilitar protocolos seguros SSH y HTTPS
Esta configuración proveé al router de una seguridad altisima al haber desabilitado los protocolos inseguros Telnet y HTTP y habilitar protocolos seguros SSH y HTTPS
No hay comentarios:
Publicar un comentario
"Tu opinión es importante, gracias por comentar"