This is an old revision of the document!
line console/vty x y exec timeout 0 0 logging synchronous
kako postavis geslo za XY vmesnik:
line console/vty/... login password xxx
General security template:
no service finger no service pad no service udp-small-servers no service tcp-small-servers no service config no service dhcp no service compress-config no ip http server no ip bootp server no ip finger no ip identd no ip source-route service nagle service timestamps debug datetime localtime show-timezone msec service timestamps log datetime localtime show-timezone msec ip spd enable no cdp run
logging buffered 16384 logging trap debugging logging 169.223.10.20 logging console warnings
ip subnet-zero ip classless ! Deal with dead connections gracefully service tcp-keepalives-in service tcp-keepalives-out
! Set time for UK clock timezone GMT 0 clock summer-time BST recurring
! Do not allow packet to specify their own route no ip source-route
! Enable Cisco Express Forwarding technology ip cef
ntp master ntp update-calendar ntp server
no ip domain-lookup ip domain-list domain.org ip domain-list . ip domain-name domain.org
ip name-server 10.0.0.1 ip name-server 10.1.0.1
line con 0 exec-timeout 5 0 password 7 <######> login authentication no_tacacs transport input none line aux 0 exec-timeout 5 0 password 7 <#######> login authentication test modem InOut transport input all stopbits 1 speed 19200 flowcontrol hardware line vty 0 4 exec-timeout 5 0 password 7 <########> login authentication test transport input telnet
General Interface Template:
no ip redirect no ip direct broadcast no ip proxy-arp no ip unreachables ! no ip mask-reply
General Security Template:
service password-encryption enable secret <removed> no enable password
! Limit the amount of ICMP traffic (DDOS protection) rate-limit input access-group 110 2048000 8000 8000 conform-action transmit exceed-action drop