:IT学习乐园
:Builder
:20250130
:1K+
Show users ---------显示连接的用户信息。
Clear line x ----------清除某个用户连接。
Show session ---------显示会话。
网络拓朴如下:
Router1 S0/0 <----> Router2 S0/0
Router1配置如下:
R1#show running-config
Building configuration...
Current configuration : 1325 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$mceS$BOoZJ5Pp/7QwSE6GJgnIq/
enable password 7 030752180500
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
!
!
ip cef
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
username builder privilege 10 password 7 1415070200002F39
!
!
!
!
!
!
interface Serial0/0
bandwidth 64
ip address 192.168.1.1 255.255.255.0
serial restart-delay 0
clock rate 64000
no dce-terminal-timing-enable
!
interface Serial0/1
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial0/2
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial0/3
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
interface FastEthernet1/0
ip address 192.168.2.1 255.255.255.0
duplex auto
speed auto
!
ip http server
no ip http secure-server
!
!
!
cdp timer 90
cdp holdtime 240
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
banner motd ^C Welcome to connect to Router1! ^C
privilege exec level 10 show
!
line con 0
exec-timeout 0 0
password 7 030752180500
logging synchronous
login
line aux 0
line vty 0 4
exec-timeout 0 0
password 7 045802150C2E
login
!
!
end
R1#
Router2配置如下
R1#show running-config
Building configuration...
Current configuration : 1325 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$mceS$BOoZJ5Pp/7QwSE6GJgnIq/
enable password 7 030752180500
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
!
!
ip cef
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
username builder privilege 10 password 7 1415070200002F39
!
!
!
!
!
!
它们可以相互Ping通
R2#show running-config
Building configuration...
Current configuration : 1122 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname R2
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$rfd5$/0v212MLcNsfWPmQNceVi0
enable password 7 05080F1C2243
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
!
!
ip cef
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Serial0/0
ip address 192.168.1.2 255.255.255.0
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial0/1
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial0/2
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial0/3
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
interface FastEthernet1/0
ip address 192.168.3.1 255.255.255.0
duplex auto
speed auto
!
ip http server
no ip http secure-server
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
exec-timeout 0 0
password 7 0822455D0A16
logging synchronous
line aux 0
line vty 0 4
exec-timeout 0 0
password 7 01100F175804
login
!
!
end
它们可以相互Ping通
R1#ping 192.168.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/38/88 ms
R1#
R1#
R2#ping 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/32/80 ms
R2#
========================
R1#
R1#show users
Line User Host(s) Idle Location
* 0 con 0 idle 00:00:00
Interface User Mode Idle Peer Address
R1#
R2 telnet 到R1 并按下ctrl+shif+6 x返回R2
R2#telnet 192.168.1.1
Trying 192.168.1.1 ... Open
Welcome to connect to Router1!
User Access Verification
Password:
R1>enable
Password:
R1#show users
Line User Host(s) Idle Location
0 con 0 idle 00:00:33
*130 vty 0 idle 00:00:00 192.168.1.2
Interface User Mode Idle Peer Address
R1#
R2#
R1#show users
Line User Host(s) Idle Location
* 0 con 0 idle 00:00:00
130 vty 0 idle 00:01:01
R1#show line
Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns Int
* 0 CTY - - - - - 0 1 0/0 -
129 AUX 9600/9600 - - - - - 0 0 0/0 -
* 130 VTY - - - - - 7 0 0/0 -
131 VTY - - - - - 0 0 0/0 -
132 VTY - - - - - 0 0 0/0 -
133 VTY - - - - - 0 0 0/0 -
134 VTY - - - - - 0 0 0/0 -
Line(s) not in async mode -or- with no hardware support:
1-128
R1#
R2#show users
Line User Host(s) Idle Location
* 0 con 0 192.168.1.1 00:01:41
Interface User Mode Idle Peer Address
R2#show sessions
Conn Host Address Byte Idle Conn Name
* 1 192.168.1.1 192.168.1.1 0 1 192.168.1.1
R2#
R2输入1连接到R1
R2#1
[Resuming connection 1 to 192.168.1.1 ... ]
R1#
R1#
从R1踢除R2的telnet
R1#clear line 130
[confirm]
[OK]
R1#show users
Line User Host(s) Idle Location
* 0 con 0 idle 00:00:00
Interface User Mode Idle Peer Address
R1#
###################
Show controllrs serial x/x -------------查看DCE或DTE。
bandwidth 64 -------------设置带宽64k,64k不是实际带宽,用来作为度量用(Metric)。
clock rate 64000 -------------设定时钟频率。
==========================================
R1#show controllers serial 0/0
M4T: show controller:
PAS unit 0, subunit 0, f/w version 1-45, rev ID 0x2800001, version 1
idb = 0x65058E10, ds = 0x65059ED8, ssb=0x6505A294
Clock mux=0x0, ucmd_ctrl=0x0, port_status=0x7B
Serial config=0x8, line config=0x200
maxdgram=1608, bufpool=78Kb, 120 particles
DCD=up DSR=up DTR=up RTS=up CTS=up
line state: down
cable type : V.11 (X.21) DCE cable, received clockrate 2015232
base0 registers=0x3C000000, base1 registers=0x3C002000
mxt_ds=0x64DED088, rx ring entries=78, tx ring entries=128
rxring=0x5D237A0, rxr shadow=0x650608F0, rx_head=0
txring=0x5D23A60, txr shadow=0x65060CCC, tx_head=0, tx_tail=0, tx_count=0
throttled=0, enabled=0
halted=0, last halt reason=0
Microcode fatal errors=0
rx_no_eop_err=0, rx_no_stp_err=0, rx_no_eop_stp_err=0
rx_no_buf=0, rx_soft_overrun_err=0, dump_err= 0, bogus=0, mxt_flags=0x0
tx_underrun_err=0, tx_soft_underrun_err=0, tx_limited=1(2)
tx_fullring=0, tx_started=0, mxt_flush_count=2
rx_int_count=0, tx_int_count=3
R1#
----------------------------------------------------------------
R1(config)#interface serial0/0
R1(config-if)#bandwidth 64
R1(config-if)#clock rate 64000
R1(config-if)#no shutdown
###################
Cisco有0~15,16个特权级别。默认是级别15.
===========================================
网络拓朴如下:
Router1 S1/0 <----> Router2 S1/1
Router1配置如下:
R1#
R1#
R1#show run
R1#show running-config
Building configuration...
Current configuration : 1244 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$QHHQ$MNawjclidsr.4sQiCMt5M/
enable password 7 110A1016141D
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
!
!
ip cef
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
ip address 192.168.2.1 255.255.255.0
duplex auto
speed auto
!
interface Serial1/0
bandwidth 64
ip address 192.168.1.1 255.255.255.0
serial restart-delay 0
clock rate 64000
no dce-terminal-timing-enable
!
interface Serial1/1
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 192.168.1.2
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
banner motd ^C Welcome to connect to Router1 ^C
!
line con 0
exec-timeout 0 0
password 7 030752180500
logging synchronous
login
line aux 0
line vty 0 4
exec-timeout 0 0
password 7 02050D480809
login
!
!
end
R1#
Router2配置如下:
R2#
R2#show run
R2#show running-config
Building configuration...
Current configuration : 1220 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname R2
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$gOAL$ndDQoj62SMHClFj3RLkKB0
enable password 7 104D000A0618
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
!
!
ip cef
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
ip address 192.168.3.1 255.255.255.0
duplex auto
speed auto
!
interface Serial1/0
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/1
ip address 192.168.1.2 255.255.255.0
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
ip http server
no ip http secure-server
ip route 192.168.2.0 255.255.255.0 Serial1/1
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
banner motd ^C Welcome to connect to Router2 ^C
!
line con 0
exec-timeout 0 0
password 7 110A1016141D
logging synchronous
login
line aux 0
line vty 0 4
exec-timeout 0 0
password 7 110A1016141D
login
!
!
end
R2#
---------------------
R1用默认路由,R2用静态路由。它们可以相互Ping通
R1#
R1#
R1#ping 192.168.3.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.3.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/31/68 ms
R1#
ping 192.168.2.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/25/56 ms
R2#
======================================
从R2上telnet R1
R2#
R2#telnet 192.168.2.1
Trying 192.168.2.1 ... Open
Welcome to connect to Router1
User Access Verification
Password:
R1>enable
Password:
R1#
R1#
----------------------------
显示当前特权级别 show privilege
R1#show privilege
Current privilege level is 15
R1#
R1#
定义无用户名的特权登录密码
R1(config)#enable ?
last-resort Define enable action if no TACACS servers respond
password Assign the privileged level password
secret Assign the privileged level secret
use-tacacs Use TACACS to check enable passwords
R1(config)#enable secret ?
0 Specifies an UNENCRYPTED password will follow
5 Specifies an ENCRYPTED secret will follow
LINE The UNENCRYPTED (cleartext) 'enable' secret
level Set exec level password
R1(config)#enable secret 5 ?
LINE The ENCRYPTED 'enable' secret string
R1(config)#enable secret level ?
<1-15> Level number
R1(config)#enable secret level 5 builder
R1(config)#
用级别5登录
R1>enable 5
Password:
R1#
R1#show privilege
Current privilege level is 5
R1#
没有权限进不了配置模式
R1#configure terminal
^
% Invalid input detected at '^' marker.
R1#
R1(config)#privilege exec level 5 configure terminal
*Mar 1 01:06:54.035: %SYS-5-CONFIG_I: Configured from console by console
R1#disable 10
R1#show privilege
Current privilege level is 10
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#
R1(config)#interface s1/0
^
% Invalid input detected at '^' marker.
R1(config)#
------------------------
定义有用户名的特权级别:
R1#
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#username ?
WORD User name
R1(config)#username builder ?
aaa AAA directive
access-class Restrict access by access-class
autocommand Automatically issue a command after the user logs in
callback-dialstring Callback dialstring
callback-line Associate a specific line with this callback
callback-rotary Associate a rotary group with this callback
dnis Do not require password when obtained via DNIS
nocallback-verify Do not require authentication after callback
noescape Prevent the user from using an escape character
nohangup Do not disconnect after an automatic command
nopassword No password is required for the user to log in
password Specify the password for the user
privilege Set user privilege level
secret Specify the secret for the user
user-maxlinks Limit the user's number of inbound links
view Set view name
<cr>
R1(config)#username builder privilege ?
<0-15> User privilege level
R1(config)#username builder privilege 5 ?
aaa AAA directive
access-class Restrict access by access-class
autocommand Automatically issue a command after the user logs in
callback-dialstring Callback dialstring
callback-line Associate a specific line with this callback
callback-rotary Associate a rotary group with this callback
dnis Do not require password when obtained via DNIS
nocallback-verify Do not require authentication after callback
noescape Prevent the user from using an escape character
nohangup Do not disconnect after an automatic command
nopassword No password is required for the user to log in
password Specify the password for the user
privilege Set user privilege level
secret Specify the secret for the user
user-maxlinks Limit the user's number of inbound links
view Set view name
<cr>
R1(config)#username builder privilege 5 secret ?
0 Specifies an UNENCRYPTED secret will follow
5 Specifies a HIDDEN secret will follow
LINE The UNENCRYPTED (cleartext) user secret
R1(config)#username builder privilege 5 secret builder ?
LINE <cr>
R1(config)#username builder privilege 5 secret builder
R1(config)#
执行Show running-config命令就可能看到刚才新建的用户信息。
R1#show running-config
username builder privilege 5 secret 5 $1$Hdfr$/S4683jx9FpWbTI0aMtTR1
修改控制台和VTY登录方式为login local
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#line console 0
R1(config-line)#login local
R1(config-line)#line vty 0
R1(config-line)#login local
R1(config-line)#end
R1#
----------------------
验证:
Press RETURN to get started.
Welcome to connect to Router1
User Access Verification
Username: builder
Password:
R1#
---配置主机列表:
R2(config)#ip host R1 192.168.2.1
R2#show hosts
Default domain is not set
Name/address lookup uses domain service
Name servers are 255.255.255.255
Codes: UN - unknown, EX - expired, OK - OK, ?? - revalidate
temp - temporary, perm - permanent
NA - Not Applicable None - Not defined
Host Port Flags Age Type Address(es)
R1 None (perm, OK) 0 IP 192.168.2.1
R2#
R2#connect R1
Translating "R1"...domain server (255.255.255.255)
(255.255.255.255)Trying R1 (192.168.2.1)... Open
Welcome to connect to Router1
User Access Verification
Username: builder
Password:
R1#show privilege
Current privilege level is 5
R1#enable
Password:
R1#show privilege
Current privilege level is 15
R1#
粤ICP备2021159682号-1
974367855
BuilderZou
BuilderZou@163.com