ITCwiki - User contributions [en]

Franske CNT-2540

2010-05-05T15:19:41Z

Ciscoapps: /* Projects */

This is the homepage for the CNT-2540: Accessing the WAN classes taught by Dr. Ben Franske.

== General Course Information ==
* [[Franske CNT-2540 SP10 Syllabus|Spring 2010 Course Syllabus]]
* [[Franske CNT-2540 SP10 Schedule|Spring 2010 Course Schedule]]
* [[Franske CNT-2540 Lab Point Sheet|Lab Point Sheet]]
* [[Franske CNT Service Project Assignment|Service Project Assignment]]
* [[Franske Lab Report Format|Lab Report Format]]
* Assessments and online curriculum available at [http://cisco.netacad.net http://cisco.netacad.net]

== Projects ==
*[[Frame relay multipoint lab]]
*[[How to configure SDM to secure a router]]

== Resources ==
=== Subnetting ===
* [http://www.learntosubnet.com LearnToSubnet.com] (Requires using Internet Explorer)

How to configure SDM to secure a router

2010-05-05T15:10:08Z

Ciscoapps:

Cisco SDM simplifies router and security configuration through sophisticated wizards, enabling you to quickly and easily deploy, configure, and monitor a Cisco access router without involving knowledge of the Cisco IOS Software command-line interface (CLI).

''== '''Segment ONE:''' ==''

Connect to R2 using TFTP Server.
Create a username and password on R2:

R2(config)#username ccna password ciscoccna

Enable the http secure server on R2 and connect to R2 using a web browser on TFTP Server:

R2(config)#ip http secure-server

*''Generating 1024 bit RSA keys, keys will be non-exportable...[OK]''

R2(config)#
*''Nov 16 16:01:07.763: %SSH-5-ENABLED: SSH 1.99 has been enabled
*''Nov 16 16:01:08.731: %PKI-4-NOAUTOSAVE:'' ''Configuration was modified. Issue "write memory" to save new certificate''''

R2(config)#end

R2#copy run start

From TFTP Server, open a web browser and navigate to https://192.168.20.1/

Login with the previously configured username and password:

username: ccna

password: ciscoccna

Select Cisco Router and Security Device Manager

Open Internet Explorer and enter the IP address for R2 in the address bar

Make sure that you have all popup blockers turned off in your browser.
Also make sure that JAVA is installed and updated.

This window opens.

[[File:1.JPG]]

After it is done loading, a new window opens for SDM like this one:

[[File:2.JPG]]

''== '''Segment TWO:''' ==''

Navigate to the Security Audit feature.

Click the '''. Configure .''' button in the top left side of the window
[[File:3.JPG]]

Now navigate down the left panel to '''Security Audit''' and click on it.

[[File:4.JPG]]

''== '''Segment THREE:''' ==''

When you click on '''Security Audit''', the next window will gives you a brief explanation of what the Security Audit feature does.

[[File:55.JPG]]

Click on

Next

to open the Security Audit Interface configuration window.

[[File:6.JPG]]

An interface should be classified as outside (untrusted).

After selecting outside and inside interfaces, click

Next

A new window opens indicating that SDM is conducting a security audit check:

[[File:7.JPG]]

Now we can discover that the default configuration is not secure.

Click

Close

to continue.

''== '''Segment 4:''' '''Applying settings to the router.''' ==''

[[File:88.JPG]]

Click

Fix All

to make all the suggested security changes.

Then click

Next

[[File:9.JPG]]

Enter your banner message to use as the message of the day for the router, and then click

Next

[[File:10.JPG]]

Now set the level of severity of log traps that you want the router to send to the syslog server.

The severity level is set to debugging for this scenario.

To view a summary of the changes about to be made to the router.

Click
Next

''== '''Segment 5:''' '''Commit the configuration to the router.''' ==''

[[File:11.JPG]]

After you review the changes, click

Finish

[[File:12.JPG]]

preparing... ...

[[File:13.JPG]]

Click

Ok

Now you can use the command

show run

and see the new configuration of your router.

I hope you enjoy the security audits to measure the strengths and weaknesses of your router configurations against common security vulnerabilities and fine-tune your present security configurations to better suit your business needs.

How to configure SDM to secure a router

2010-05-04T21:31:38Z

Ciscoapps:

''== '''Segment ONE:''' ==''

Connect to R2 using TFTP Server.
Create a username and password on R2:

R2(config)#username ccna password ciscoccna

Enable the http secure server on R2 and connect to R2 using a web browser on TFTP Server:

R2(config)#ip http secure-server

*''Generating 1024 bit RSA keys, keys will be non-exportable...[OK]''

R2(config)#
*''Nov 16 16:01:07.763: %SSH-5-ENABLED: SSH 1.99 has been enabled
*''Nov 16 16:01:08.731: %PKI-4-NOAUTOSAVE:'' ''Configuration was modified. Issue "write memory" to save new certificate''''

R2(config)#end

R2#copy run start

From TFTP Server, open a web browser and navigate to https://192.168.20.1/

Login with the previously configured username and password:

username: ccna

password: ciscoccna

Select Cisco Router and Security Device Manager

Open Internet Explorer and enter the IP address for R2 in the address bar

Make sure that you have all popup blockers turned off in your browser.
Also make sure that JAVA is installed and updated.

This window opens.

[[File:1.JPG]]

After it is done loading, a new window opens for SDM like this one:

[[File:2.JPG]]

''== '''Segment TWO:''' ==''

Navigate to the Security Audit feature.

Click the '''. Configure .''' button in the top left side of the window
[[File:3.JPG]]

Now navigate down the left panel to '''Security Audit''' and click on it.

[[File:4.JPG]]

''== '''Segment THREE:''' ==''

When you click on '''Security Audit''', the next window will gives you a brief explanation of what the Security Audit feature does.

[[File:55.JPG]]

Click on

Next

to open the Security Audit Interface configuration window.

[[File:6.JPG]]

An interface should be classified as outside (untrusted).

After selecting outside and inside interfaces, click

Next

A new window opens indicating that SDM is conducting a security audit check:

[[File:7.JPG]]

Now we can discover that the default configuration is not secure.

Click

Close

to continue.

''== '''Segment 4:''' '''Applying settings to the router.''' ==''

[[File:88.JPG]]

Click

Fix All

to make all the suggested security changes.

Then click

Next

[[File:9.JPG]]

Enter your banner message to use as the message of the day for the router, and then click

Next

[[File:10.JPG]]

Now set the level of severity of log traps that you want the router to send to the syslog server.

The severity level is set to debugging for this scenario.

To view a summary of the changes about to be made to the router.

Click
Next

''== '''Segment 5:''' '''Commit the configuration to the router.''' ==''

[[File:11.JPG]]

After you review the changes, click

Finish

[[File:12.JPG]]

preparing... ...

[[File:13.JPG]]

Click

Ok

Now you can use the command

show run

and see the new configuration of your router.

How to configure SDM to secure a router

2010-05-04T21:25:11Z

Ciscoapps:

How to configure SDM to secure a router

2010-05-04T21:16:04Z

Ciscoapps:

'''Segment ONE:'''

Connect to R2 using TFTP Server.
Create a username and password on R2:

R2(config)#username ccna password ciscoccna

Enable the http secure server on R2 and connect to R2 using a web browser on TFTP Server:

R2(config)#ip http secure-server

*''Generating 1024 bit RSA keys, keys will be non-exportable...[OK]''

R2(config)#
*''Nov 16 16:01:07.763: %SSH-5-ENABLED: SSH 1.99 has been enabled
*''Nov 16 16:01:08.731: %PKI-4-NOAUTOSAVE:'' ''Configuration was modified. Issue "write memory" to save new certificate''''

R2(config)#end

R2#copy run start

From TFTP Server, open a web browser and navigate to https://192.168.20.1/

Login with the previously configured username and password:

username: ccna

password: ciscoccna

Select Cisco Router and Security Device Manager

Open Internet Explorer and enter the IP address for R2 in the address bar

Make sure that you have all popup blockers turned off in your browser.
Also make sure that JAVA is installed and updated.

This window opens.

[[File:1.JPG]]

After it is done loading, a new window opens for SDM like this one:

[[File:2.JPG]]

'''Segment TWO:'''

Navigate to the Security Audit feature.

Click the '''. Configure .''' button in the top left side of the window
[[File:3.JPG]]

Now navigate down the left panel to '''Security Audit''' and click on it.

[[File:4.JPG]]

'''Segment THREE:'''

When you click on '''Security Audit''', the next window will gives you a brief explanation of what the Security Audit feature does.

[[File:55.JPG]]

Click on

Next

to open the Security Audit Interface configuration window.

[[File:6.JPG]]

An interface should be classified as outside (untrusted).

After selecting outside and inside interfaces, click

Next

A new window opens indicating that SDM is conducting a security audit check:

[[File:7.JPG]]

Now we can discover that the default configuration is not secure.

Click

Close

to continue.

'''Segment 4:''' Applying settings to the router.

[[File:88.JPG]]

Click

Fix All

to make all the suggested security changes.

Then click

Next

[[File:9.JPG]]

Enter your banner message to use as the message of the day for the router, and then click

Next

[[File:10.JPG]]

[[File:11.JPG]]

[[File:12.JPG]]

[[File:13.JPG]]

How to configure SDM to secure a router

2010-05-04T21:10:22Z

Ciscoapps:

'''Segment ONE:'''

Connect to R2 using TFTP Server.
Create a username and password on R2:

R2(config)#username ccna password ciscoccna

Enable the http secure server on R2 and connect to R2 using a web browser on TFTP Server:

R2(config)#ip http secure-server

*''Generating 1024 bit RSA keys, keys will be non-exportable...[OK]''

R2(config)#
*''Nov 16 16:01:07.763: %SSH-5-ENABLED: SSH 1.99 has been enabled
*''Nov 16 16:01:08.731: %PKI-4-NOAUTOSAVE:'' ''Configuration was modified. Issue "write memory" to save new certificate''''

R2(config)#end

R2#copy run start

From TFTP Server, open a web browser and navigate to https://192.168.20.1/

Login with the previously configured username and password:

username: ccna

password: ciscoccna

Select Cisco Router and Security Device Manager

Open Internet Explorer and enter the IP address for R2 in the address bar

Make sure that you have all popup blockers turned off in your browser.
Also make sure that JAVA is installed and updated.

This window opens.

[[File:1.JPG]]

After it is done loading, a new window opens for SDM like this one:

[[File:2.JPG]]

'''Segment TWO:'''

Navigate to the Security Audit feature.

Click the '''. Configure .''' button in the top left side of the window
[[File:3.JPG]]

Now navigate down the left panel to '''Security Audit''' and click on it.

[[File:4.JPG]]

'''Segment THREE:'''

When you click on '''Security Audit''', the next window will gives you a brief explanation of what the Security Audit feature does.

[[File:55.JPG]]

Click on

Next

to open the Security Audit Interface configuration window.

[[File:6.JPG]]

An interface should be classified as outside (untrusted).

After selecting outside and inside interfaces, click

Next

A new window opens indicating that SDM is conducting a security audit check:

[[File:7.JPG]]

Now we can discover that the default configuration is not secure.

Click

Close

to continue.

'''Segment 4:''' Applying settings to the router.

[[File:88.JPG]]

[[File:9.JPG]]

[[File:10.JPG]]

[[File:11.JPG]]

[[File:12.JPG]]

[[File:13.JPG]]

File:88.JPG

2010-05-04T21:09:09Z

Ciscoapps:

How to configure SDM to secure a router

2010-05-04T21:08:58Z

Ciscoapps:

'''Segment ONE:'''

Connect to R2 using TFTP Server.
Create a username and password on R2:

R2(config)#username ccna password ciscoccna

Enable the http secure server on R2 and connect to R2 using a web browser on TFTP Server:

R2(config)#ip http secure-server

*''Generating 1024 bit RSA keys, keys will be non-exportable...[OK]''

R2(config)#
*''Nov 16 16:01:07.763: %SSH-5-ENABLED: SSH 1.99 has been enabled
*''Nov 16 16:01:08.731: %PKI-4-NOAUTOSAVE:'' ''Configuration was modified. Issue "write memory" to save new certificate''''

R2(config)#end

R2#copy run start

From TFTP Server, open a web browser and navigate to https://192.168.20.1/

Login with the previously configured username and password:

username: ccna

password: ciscoccna

Select Cisco Router and Security Device Manager

Open Internet Explorer and enter the IP address for R2 in the address bar

Make sure that you have all popup blockers turned off in your browser.
Also make sure that JAVA is installed and updated.

This window opens.

[[File:1.JPG]]

After it is done loading, a new window opens for SDM like this one:

[[File:2.JPG]]

'''Segment TWO:'''

Navigate to the Security Audit feature.

Click the '''. Configure .''' button in the top left side of the window
[[File:3.JPG]]

Now navigate down the left panel to '''Security Audit''' and click on it.

[[File:4.JPG]]

'''Segment THREE:'''

When you click on '''Security Audit''', the next window will gives you a brief explanation of what the Security Audit feature does.

[[File:55.JPG]]

Click on

Next

to open the Security Audit Interface configuration window.

[[File:6.JPG]]

An interface should be classified as outside (untrusted).

After selecting outside and inside interfaces, click

Next

A new window opens indicating that SDM is conducting a security audit check:

[[File:7.JPG]]

Now we can discover that the default configuration is not secure.

Click

Close

to continue.

'''Segment 4:''' Applying settings to the router.

[[File:8.JPG]]

[[File:9.JPG]]

[[File:10.JPG]]

[[File:11.JPG]]

[[File:12.JPG]]

[[File:13.JPG]]

How to configure SDM to secure a router

2010-05-04T21:01:28Z

Ciscoapps:

'''Segment ONE:'''

Connect to R2 using TFTP Server.
Create a username and password on R2:

R2(config)#username ccna password ciscoccna

Enable the http secure server on R2 and connect to R2 using a web browser on TFTP Server:

R2(config)#ip http secure-server

*''Generating 1024 bit RSA keys, keys will be non-exportable...[OK]''

R2(config)#
*''Nov 16 16:01:07.763: %SSH-5-ENABLED: SSH 1.99 has been enabled
*''Nov 16 16:01:08.731: %PKI-4-NOAUTOSAVE:'' ''Configuration was modified. Issue "write memory" to save new certificate''''

R2(config)#end

R2#copy run start

From TFTP Server, open a web browser and navigate to https://192.168.20.1/

Login with the previously configured username and password:

username: ccna

password: ciscoccna

Select Cisco Router and Security Device Manager

Open Internet Explorer and enter the IP address for R2 in the address bar

Make sure that you have all popup blockers turned off in your browser.
Also make sure that JAVA is installed and updated.

This window opens.

[[File:1.JPG]]

After it is done loading, a new window opens for SDM like this one:

[[File:2.JPG]]

'''Segment TWO:'''

Navigate to the Security Audit feature.

Click the '''. Configure .''' button in the top left side of the window
[[File:3.JPG]]

Now navigate down the left panel to '''Security Audit''' and click on it.

[[File:4.JPG]]

'''Segment THREE:'''

When you click on '''Security Audit''', the next window will gives you a brief explanation of what the Security Audit feature does.

[[File:55.JPG]]

Click on

Next

to open the Security Audit Interface configuration window.

[[File:6.JPG]]

An interface should be classified as outside (untrusted).

After selecting outside and inside interfaces, click

Next

A new window opens indicating that SDM is conducting a security audit check:

[[File:7.JPG]]

[[File:8.JPG]]

[[File:9.JPG]]

[[File:10.JPG]]

[[File:11.JPG]]

[[File:12.JPG]]

[[File:13.JPG]]

How to configure SDM to secure a router

2010-05-04T20:59:50Z

Ciscoapps:

'''Segment ONE:'''

Connect to R2 using TFTP Server.
Create a username and password on R2:

R2(config)#username ccna password ciscoccna

Enable the http secure server on R2 and connect to R2 using a web browser on TFTP Server:

R2(config)#ip http secure-server

*''Generating 1024 bit RSA keys, keys will be non-exportable...[OK]''

R2(config)#
*''Nov 16 16:01:07.763: %SSH-5-ENABLED: SSH 1.99 has been enabled
*''Nov 16 16:01:08.731: %PKI-4-NOAUTOSAVE:'' ''Configuration was modified. Issue "write memory" to save new certificate''''

R2(config)#end

R2#copy run start

From TFTP Server, open a web browser and navigate to https://192.168.20.1/

Login with the previously configured username and password:

username: ccna

password: ciscoccna

Select Cisco Router and Security Device Manager

Open Internet Explorer and enter the IP address for R2 in the address bar

Make sure that you have all popup blockers turned off in your browser.
Also make sure that JAVA is installed and updated.

This window opens.

[[File:1.JPG]]

After it is done loading, a new window opens for SDM like this one:

[[File:2.JPG]]

'''Segment TWO:'''

Navigate to the Security Audit feature.

Click the '''. Configure .''' button in the top left side of the window
[[File:3.JPG]]

Now navigate down the left panel to '''Security Audit''' and click on it.

[[File:4.JPG]]

'''Segment THREE:'''

When you click on '''Security Audit''', the next window will gives you a brief explanation of what the Security Audit feature does.

[[File:55.JPG]]

Click on

Next

to open the Security Audit Interface configuration window.

[[File:6.JPG]]

An interface should be classified as outside (untrusted).

After selecting outside and inside interfaces, click

Next

A new window opens indicating that SDM is conducting a security audit.

[[File:7.JPG]]

[[File:8.JPG]]

[[File:9.JPG]]

[[File:10.JPG]]

[[File:11.JPG]]

[[File:12.JPG]]

[[File:13.JPG]]

How to configure SDM to secure a router

2010-05-04T20:57:59Z

Ciscoapps:

'''Segment ONE:'''

Connect to R2 using TFTP Server.
Create a username and password on R2:

R2(config)#username ccna password ciscoccna

Enable the http secure server on R2 and connect to R2 using a web browser on TFTP Server:

R2(config)#ip http secure-server

*''Generating 1024 bit RSA keys, keys will be non-exportable...[OK]''

R2(config)#
*''Nov 16 16:01:07.763: %SSH-5-ENABLED: SSH 1.99 has been enabled
*''Nov 16 16:01:08.731: %PKI-4-NOAUTOSAVE:'' ''Configuration was modified. Issue "write memory" to save new certificate''''

R2(config)#end

R2#copy run start

From TFTP Server, open a web browser and navigate to https://192.168.20.1/

Login with the previously configured username and password:

username: ccna

password: ciscoccna

Select Cisco Router and Security Device Manager

Open Internet Explorer and enter the IP address for R2 in the address bar

Make sure that you have all popup blockers turned off in your browser.
Also make sure that JAVA is installed and updated.

This window opens.

[[File:1.JPG]]

After it is done loading, a new window opens for SDM like this one:

[[File:2.JPG]]

'''Segment TWO:'''

Navigate to the Security Audit feature.

Click the '''. Configure .''' button in the top left side of the window
[[File:3.JPG]]

Now navigate down the left panel to '''Security Audit''' and click on it.

[[File:4.JPG]]

'''Segment THREE:'''

When you click on '''Security Audit''', the next window will gives you a brief explanation of what the Security Audit feature does.

[[File:55.JPG]]

Click on

Next

to open the Security Audit Interface configuration window.

[[File:6.JPG]]

An interface should be classified as outside (untrusted).

After selecting outside and inside interfaces, click

Next

A new window opens indicating that SDM is conducting a security audit.

[[File:7.JPG]]

[[File:8.JPG]]

[[File:9.JPG]]

[[File:10.JPG]]

[[File:11.JPG]]

How to configure SDM to secure a router

2010-05-04T20:43:39Z

Ciscoapps:

How to configure SDM to secure a router

2010-05-04T20:38:49Z

Ciscoapps:

How to configure SDM to secure a router

2010-05-04T20:30:08Z

Ciscoapps:

'''Segment ONE:'''

Connect to R2 using TFTP Server.
Create a username and password on R2:

R2(config)#username ccna password ciscoccna

Enable the http secure server on R2 and connect to R2 using a web browser on TFTP Server:

R2(config)#ip http secure-server

*''Generating 1024 bit RSA keys, keys will be non-exportable...[OK]''

R2(config)#
*''Nov 16 16:01:07.763: %SSH-5-ENABLED: SSH 1.99 has been enabled
*''Nov 16 16:01:08.731: %PKI-4-NOAUTOSAVE:'' ''Configuration was modified. Issue "write memory" to save new certificate''''

R2(config)#end

R2#copy run start

From TFTP Server, open a web browser and navigate to https://192.168.20.1/

Login with the previously configured username and password:

username: ccna

password: ciscoccna

Select Cisco Router and Security Device Manager

Open Internet Explorer and enter the IP address for R2 in the address bar

Make sure that you have all popup blockers turned off in your browser.
Also make sure that JAVA is installed and updated.

This window opens.

[[File:1.JPG]]

After it is done loading, a new window opens for SDM like this one:

[[File:2.JPG]]

'''Segment TWO:'''

Navigate to the Security Audit feature.

Click the '''. Configure .''' button in the top left side of the window
[[File:3.JPG]]

Now navigate down the left panel to '''Security Audit''' and click on it.

[[File:4.JPG]]

'''Segment THREE:'''

When you click on '''Security Audit''', this window will gives you a brief explanation of what the Security Audit feature does.

Click on

Next

to open the Security Audit Interface configuration window.

[[File:55.JPG]]

[[File:6.JPG]]

File:13.JPG

2010-05-04T20:20:42Z

Ciscoapps:

File:12.JPG

2010-05-04T20:20:27Z

Ciscoapps:

File:11.JPG

2010-05-04T20:20:13Z

Ciscoapps:

File:10.JPG

2010-05-04T20:20:01Z

Ciscoapps:

File:9.JPG

2010-05-04T20:19:34Z

Ciscoapps:

File:8.JPG

2010-05-04T20:18:17Z

Ciscoapps:

File:7.JPG

2010-05-04T20:18:02Z

Ciscoapps:

How to configure SDM to secure a router

2010-05-04T20:17:33Z

Ciscoapps:

'''Segment ONE:'''

Connect to R2 using TFTP Server.
Create a username and password on R2:

R2(config)#username ccna password ciscoccna

Enable the http secure server on R2 and connect to R2 using a web browser on TFTP Server:

R2(config)#ip http secure-server

*''Generating 1024 bit RSA keys, keys will be non-exportable...[OK]''

R2(config)#
*''Nov 16 16:01:07.763: %SSH-5-ENABLED: SSH 1.99 has been enabled
*''Nov 16 16:01:08.731: %PKI-4-NOAUTOSAVE:'' ''Configuration was modified. Issue "write memory" to save new certificate''''

R2(config)#end

R2#copy run start

From TFTP Server, open a web browser and navigate to https://192.168.20.1/

Login with the previously configured username and password:

username: ccna

password: ciscoccna

Select Cisco Router and Security Device Manager

Open Internet Explorer and enter the IP address for R2 in the address bar

Make sure that you have all popup blockers turned off in your browser.
Also make sure that JAVA is installed and updated.

This window opens.

[[File:1.JPG]]

After it is done loading, a new window opens for SDM like this one:

[[File:2.JPG]]

'''Segment TWO:'''

Navigate to the Security Audit feature.

Click the - Configure - button in the top left side of the window
[[File:3.JPG]]

Now navigate down the left panel to Security Audit and click on it.

[[File:4.JPG]]

'''Segment THREE:'''

When you click on Security Audit, this window will gives you a brief explanation of what the Security Audit feature does.

Click on

Next

to open the Security Audit Interface configuration window.

[[File:55.JPG]]

[[File:6.JPG]]

How to configure SDM to secure a router

2010-05-04T20:17:10Z

Ciscoapps:

'''Segment ONE:'''

Connect to R2 using TFTP Server.
Create a username and password on R2:

R2(config)#username ccna password ciscoccna

Enable the http secure server on R2 and connect to R2 using a web browser on TFTP Server:

R2(config)#ip http secure-server

*''Generating 1024 bit RSA keys, keys will be non-exportable...[OK]''

R2(config)#
*''Nov 16 16:01:07.763: %SSH-5-ENABLED: SSH 1.99 has been enabled
*''Nov 16 16:01:08.731: %PKI-4-NOAUTOSAVE:'' ''Configuration was modified. Issue "write memory" to save new certificate''''

R2(config)#end

R2#copy run start

From TFTP Server, open a web browser and navigate to https://192.168.20.1/

Login with the previously configured username and password:

username: ccna

password: ciscoccna

Select Cisco Router and Security Device Manager

Open Internet Explorer and enter the IP address for R2 in the address bar

Make sure that you have all popup blockers turned off in your browser.
Also make sure that JAVA is installed and updated.

This window opens.

[[File:1.JPG]]

After it is done loading, a new window opens for SDM like this one:

[[File:2.JPG]]

'''Segment TWO:'''

Navigate to the Security Audit feature.

Click the - Configure - button in the top left side of the window
[[File:3.JPG]]

Now navigate down the left panel to Security Audit and click on it.

[[File:4.JPG]]

'''Segment THREE:'''

When you click on Security Audit, this window will gives you a brief explanation of what the Security Audit feature does.

Click on

Next

to open the Security Audit Interface configuration window.

[[File:55.JPG]]

[[File:6JPG]]

File:6.JPG

2010-05-04T20:15:58Z

Ciscoapps: uploaded a new version of "File:6.JPG"

How to configure SDM to secure a router

2010-05-04T20:11:53Z

Ciscoapps:

'''Segment ONE:'''

Connect to R2 using TFTP Server.
Create a username and password on R2:

R2(config)#username ccna password ciscoccna

Enable the http secure server on R2 and connect to R2 using a web browser on TFTP Server:

R2(config)#ip http secure-server

*''Generating 1024 bit RSA keys, keys will be non-exportable...[OK]''

R2(config)#
*''Nov 16 16:01:07.763: %SSH-5-ENABLED: SSH 1.99 has been enabled
*''Nov 16 16:01:08.731: %PKI-4-NOAUTOSAVE:'' ''Configuration was modified. Issue "write memory" to save new certificate''''

R2(config)#end

R2#copy run start

From TFTP Server, open a web browser and navigate to https://192.168.20.1/

Login with the previously configured username and password:

username: ccna

password: ciscoccna

Select Cisco Router and Security Device Manager

Open Internet Explorer and enter the IP address for R2 in the address bar

Make sure that you have all popup blockers turned off in your browser.
Also make sure that JAVA is installed and updated.

This window opens.

[[File:1.JPG]]

After it is done loading, a new window opens for SDM like this one:

[[File:2.JPG]]

'''Segment TWO:'''

Navigate to the Security Audit feature.

Click the - Configure - button in the top left side of the window
[[File:3.JPG]]

Now navigate down the left panel to Security Audit and click on it.

[[File:4.JPG]]

'''Segment THREE:'''

When you click on Security Audit, this window will gives you a brief explanation of what the Security Audit feature does.

Click on

Next

to open the Security Audit Interface configuration window.

[[File:55.JPG]]

File:6.JPG

2010-05-04T19:57:21Z

Ciscoapps:

How to configure SDM to secure a router

2010-05-04T19:57:10Z

Ciscoapps:

How to configure SDM to secure a router

2010-05-04T19:54:16Z

Ciscoapps:

File:55.JPG

2010-05-04T19:53:16Z

Ciscoapps:

How to configure SDM to secure a router

2010-05-04T19:51:28Z

Ciscoapps:

How to configure SDM to secure a router

2010-05-04T19:46:30Z

Ciscoapps:

File:5.JPG

2010-05-04T19:45:25Z

Ciscoapps: uploaded a new version of "File:5.JPG"

How to configure SDM to secure a router

2010-05-04T19:44:01Z

Ciscoapps:

File:5.JPG

2010-05-04T19:41:37Z

Ciscoapps:

How to configure SDM to secure a router

2010-05-04T19:37:30Z

Ciscoapps:

File:4.JPG

2010-05-04T19:35:15Z

Ciscoapps:

How to configure SDM to secure a router

2010-05-04T19:34:56Z

Ciscoapps:

How to configure SDM to secure a router

2010-05-04T19:30:53Z

Ciscoapps:

File:3.JPG

2010-05-04T19:26:16Z

Ciscoapps:

File:2.JPG

2010-05-04T19:26:02Z

Ciscoapps:

How to configure SDM to secure a router

2010-05-04T19:25:49Z

Ciscoapps:

How to configure SDM to secure a router

2010-05-04T19:16:42Z

Ciscoapps:

How to configure SDM to secure a router

2010-05-04T19:08:06Z

Ciscoapps:

'''FIRST:'''

Connect to R2 using TFTP Server.
Create a username and password on R2:

R2(config)#username ccna password ciscoccna

Enable the http secure server on R2 and connect to R2 using a web browser on TFTP Server:

R2(config)#ip http secure-server

*''Generating 1024 bit RSA keys, keys will be non-exportable...[OK]''

R2(config)#
*''Nov 16 16:01:07.763: %SSH-5-ENABLED: SSH 1.99 has been enabled
*''Nov 16 16:01:08.731: %PKI-4-NOAUTOSAVE:'' ''Configuration was modified. Issue "write memory" to save new certificate''''

R2(config)#end

R2#copy run start

From TFTP Server, open a web browser and navigate to https://192.168.20.1/

Login with the previously configured username and password:

username: ccna

password: ciscoccna

Select Cisco Router and Security Device Manager
Open Internet Explorer and enter the IP address for R2 in the address bar. A new window opens. Make sure that you have all popup blockers turned off in your browser.

Also make sure that JAVA is installed and updated.

[[File:1.JPG]]

How to configure SDM to secure a router

2010-05-04T19:05:15Z

Ciscoapps:

'''FIRST:'''

Connect to R2 using TFTP Server.
Create a username and password on R2.

R2(config)#username ccna password ciscoccna

Enable the http secure server on R2 and connect to R2 using a web browser on TFTP Server:

R2(config)#ip http secure-server

*''Generating 1024 bit RSA keys, keys will be non-exportable...[OK]''

R2(config)#
*''Nov 16 16:01:07.763: %SSH-5-ENABLED: SSH 1.99 has been enabled
*''Nov 16 16:01:08.731: %PKI-4-NOAUTOSAVE:'' ''Configuration was modified. Issue "write memory" to save new certificate'''' R2(config)#end

R2#copy run start

From TFTP Server, open a web browser and navigate to https://192.168.20.1/

Login with the previously configured username and password:

username: ccna

password: ciscoccna

Select Cisco Router and Security Device Manager
Open Internet Explorer and enter the IP address for R2 in the address bar. A new window opens. Make sure that you have all popup blockers turned off in your browser.

Also make sure that JAVA is installed and updated.

[[File:1.JPG]]

File:1.JPG

2010-05-04T18:57:11Z

Ciscoapps:

How to configure SDM to secure a router

2010-05-04T18:36:45Z

Ciscoapps: Created page with ''''FIRST:''' Connect to R2 using TFTP Server. Create a username and password on R2. R2(config)#username ccna password ciscoccna Enable the http secure server on R2 and con…'