Task 1: Create a local user on Router for authentication.

• Username: admin
• Password: cisco123
• Privilege level: Exec mode

Router#configure terminal
Router(config)#username admin privilege 15 password cisco123

privilege 15 assigns full administrative (Exec mode) privileges to the user.

 

Task 2: Restrict access on VTY lines 0-4 to Telnet only and secure it with local user authentication.

VTY lines are used for remote access to the device. Restricting access to telnet only and securing with local user authentication means only authenticated users with the correct Telnet credentials can remotely access the router.

Router(config)#line vty 0 4
Router(config-line)#transport input telnet
Router(config-line)#login local
Router(config-line)#exit

line vty 0 4 selects the first five VTY lines (used for remote access).

login local configures the VTY lines to authenticate using the local user database.

transport input telnet restricts remote access to Telnet only.

 

Task 3: Verify Telnet access from the PC.

From the PC, initiate a Telnet session to the Router.

PC:\>telnet 192.168.1.1

Trying 192.168.1.1 …Open

User Access Verification

Username: admin

Password: cisco123

 

Router#

You should gain full access to the router in Exec mode.

 

Task 4: Secure the console line to prevent unauthorized physical access using password "console123"

We need to modify the console line for this purpose.

Router(config)#line console 0
Router(config-line)#password console123
Router(config-line)#login
Router(config-line)#exit

line console 0 configures the console line (used for physical access).

password console123 sets a password for console access.

login requires the user to enter the console password during physical access.

When accessing Router through console (terminal) a prompt for the console password will be shown, restricting access to unauthorized users.

 

Now exit configuration mode and save the configuration.

Router(config)#end
Router#write memory