Configuring Cisco Banners

0
26

Lab Prerequisites:

  • If you are using GNS3 than load the Stub Area Networking GNS3 topology file than start R1.
  • Establish a Console session with Router 1.

Lab Objectives:

  • Configure a login banner so that any attempted connections to the device are prompted with Legal information.
  • Configure an EXEC banner so that when a user establishes an exec session with the device the device displays the hostname and current line the session was established on.
  • Configure a Message of The Day (MOTD) Banner to display current scheduled downtime for device maintenance.

Lab Instruction:

Step 1. For objective one you’re required to configure a Login banner to inform incoming sessions legal information and privacy information. When configuring a banner you’ll need to use a delimiting character; which is a character that only appears at the beginning and end of the banner. The ^ is commonly used. To set a banner you’ll use the banner command followed by the type of banner rather it be login, exec, motd and the delimiting character. As shown below you can see a basic Login banner is configured and configuration is verified by ending and reestablishing an exec session with the device.

 

Router(config)# banner login ^
Enter TEXT message.  End with the character ‘^’
##########################################
#  This is a Login banner used to show   #
#    legal and privacy information.      #
#                                        #
#     Unauthorized users prohibited      #
##########################################
^
Router(config)# end
Router# exit

 

As shown below is the login banner configuration verfication.

 

Router con0 is now available

Press RETURN to get started.

##########################################
#  This is a Login banner used to show   #
#    legal and privacy information.      #
#                                        #
#     Unauthorized users prohibited      #
##########################################

User Access Verification

Password:

Router>

 

Objective 2. Requests that you to configure an exec banner so that any authenticated exec sessions will be shown what the device hostname is and the line the session is established on. In order to configure this type of banner you’ll need to know what Banner Tokens are. Banner tokens are basically a variable you can set in a banner that calls particular information from the device and dispatches it into the banner. The banner tokens that will be used in this objective are $(hostname) and $(line) which display the hostname and line number.

To configure the exec banner as required by objective 3, use the following text Session established to $(hostname) on line $(line)

Like the previous Login banner you’ve configured you execute the same command in global configuration mode but rather executing banner login ^ you’ll execute banner exec ^ as shown below.

 

Router> enable
Password:
Router#
Router# configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)# banner exec ^
Enter TEXT message.  End with the character ‘^’
Session established to $(hostname) on line $(line)
^
Router(config)#

 

After the exec banner is configured, verify your configuration by terminating your exec session and reestablishing an exec session to the device as shown below.

 

Router(config)# end
Router# exitRouter con0 is now available

Press RETURN to get started.##########################################
#  This is a Login banner used to show   #
#    legal and privacy information.      #
#                                        #
#     Unauthorized users prohibited      #
##########################################

User Access Verification

Password:
Session established to Router on line 0

Router>

 

Objective 3. is the last objective of the lab which is to configure a Message of the Day banner, which is commonly used to display maintenance information on the Cisco device such as “This router will undergo routine maintenance on 01/01/10 from 12:00AM to 2:00AM”

The MOTD banner is displayed prior to the login banner on a Cisco Router or Switch and is configured the same was as any other banner which is to execute the banner command followed by the type of banner and the delimiting character in global configuration mode. As shown below is an example MOTD banner configuration and verification.

 

Router> enable
Password:
Router# configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)# banner motd ^
Enter TEXT message.  End with the character ‘^’
This router will undergo routine maintenance on 01/01/10 from 12:00AM to 2:00AM
^
Router(config)#

 

To verify the MOTD banner configuration, exit and reestablish an exec session to the device as shown below.

 

Router(config)# end
Router# exit
Router con0 is now availablePress RETURN to get started.This router will undergo routine maintenance on 01/01/10 from 12:00AM to 2:00AM##########################################
#  This is a Login banner used to show   #
#    legal and privacy information.      #
#                                        #
#     Unauthorized users prohibited      #
##########################################User Access Verification

Password:
Session established to Router on line 0

Router>

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.