Packet Tracer - Configure Cisco Routers for Syslog, NTP, and SSH Operations

 Packet Tracer - Configure Cisco Routers for Syslog,
NTP, and SSH Operations

Now Click on R1 and then go to CLI

Test connectivity. All devices should be able to ping all other IP addresses.

Test connectivity. All devices should be able to ping all other IP addresses.

Step 2: Configure OSPF MD5 authentication for all the routers in area 0. Configure

OSPF MD5 authentication for all the routers in area 0.

R1(config)# router ospf 1

R1(config-router)# area 0 authentication message-digest

R2(config)# router ospf 1

R2(config-router)# area 0 authentication message-digest

R3(config)# router ospf 1

R3(config-router)# area 0 authentication message-digest

\

Step 3: Configure the MD5 key for all the routers in area 0. Configure an MD5 key on the serial

interfaces on R1, R2 and R3. Use the password MD5pa55 for key 1.

R1(config)# interface s0/0/0

R1(config-if)# ip ospf message-digest-key 1 md5 MD5pa55

R2(config)# interface s0/0/0

R2(config-if)# ip ospf message-digest-key 1 md5 MD5pa55

R2(config-if)# interface s0/0/1

R2(config-if)# ip ospf message-digest-key 1 md5 MD5pa55

R3(config)# interface s0/0/1

R3(config-if)# ip ospf message-digest-key 1 md5 MD5pa55

Step 4: Verify configurations.

a. Verify the MD5 authentication configurations using the commands show ip ospf interface. b.

Verify end-to-end connectivity.

Part 2: Configure NTP

Step 1: Enable NTP authentication on PC-A.

a. On PC-A, click NTP under the Services tab to verify NTP service is enabled.

b. To configure NTP authentication, click Enable under Authentication. Use key 1 and password NTPpa55

for authentication.

Step 2: Configure R1, R2, and R3 as NTP clients.

R1(config)# ntp server 192.168.1.5

R2(config)# ntp server 192.168.1.5

R3(config)# ntp server 192.168.1.5

Verify client configuration using the command show ntp status.

Step 3: Configure routers to update hardware clock. Configure R1, R2, and R3 to periodically

update the hardware clock with the time learned from NTP.

R1(config)# ntp update-calendar

R2(config)# ntp update-calendar

R3(config)# ntp update-calendar

Exit global configuration and verify that the hardware clock was updated using the command show clock.

Step 4: Configure NTP authentication on the routers. Configure NTP

authentication on R1, R2, and R3 using key 1 and password NTPpa55.

R1(config)# ntp authenticate

R1(config)# ntp trusted-key 1

R1(config)# ntp authentication-key 1 md5 NTPpa55

R2(config)# ntp authenticate

R2(config)# ntp trusted-key 1

R2(config)# ntp authentication-key 1 md5 NTPpa55

R3(config)# ntp authenticate

R3(config)# ntp trusted-key 1

R3(config)# ntp authentication-key 1 md5 NTPpa55

Step 5: Configure routers to timestamp log messages.

Configure timestamp service for logging on the routers.

R1(config)# service timestamps log datetime msec

R2(config)# service timestamps log datetime msec

R3(config)# service timestamps log datetime msec

line vty 0 4

password vtypa55

login

enable secret ciscoen55

Part 2: Configure OSPF MD5 Authentication

Test connectivity.

PCA> ping 192.168.3.5

PCB> ping 192.168.3.5

router ospf 1

network 192.168.1.0 0.0.0.255 area 0

network 10.1.1.0 0.0.0.3 area 0

router ospf 1

network 10.1.1.0 0.0.0.3 area 0

network 10.2.2.0 0.0.0.3 area 0

router ospf 1

network 192.168.3.0 0.0.0.255 area 0

network 10.2.2.0 0.0.0.3 area 0

Execute command on only serial interface of all routers

router ospf 1

area 0 authentication message-digest

int se0/1/0

ip ospf message-digest-key 1 md5 MD5pa55

exit

router ospf 1

area 0 authentication message-digest

int se0/1/0

ip ospf message-digest-key 1 md5 MD5pa55

exit

int se0/1/1

ip ospf message-digest-key 1 md5 MD5pa55

exit

router ospf 1

area 0 authentication message-digest

int se0/1/1

ip ospf message-digest-key 1 md5 MD5pa55

exit

show ip ospf interface

Configure NTP on all router

ntp server 192.168.1.5

ntp update-calendar

show clock 

ntp authenticate

ntp trusted-key 1

ntp authentication-key 1 md5 NTPpa55

service timestamp log datetime msec

Configure Routers to Log Messages to the Syslog Server 

on all routers:

logging host 192.168.1.6

show logging

on R3 this one

ip domain-name ccnasecurity.com

username SSHadmin privilege 15 secret ciscosshpa55

line vty 0 4

login local

transport input ssh

crypto key generate rsa

show ip ssh

ip ssh time-out 90

ip ssh authentication-retries 2

ip ssh version 2

show ip ssh

Open the Desktop of PC-C. Select the Command Prompt icon. From PC-C,

enter the command to connect to R3 via Telnet

telnet 192.168.3.1

ssh -l SSHadmin 192.168.3.1

password sshpa55

ssh -v2 -l SSHadmin 10.2.2.1