How to Configure Router Enable and Line Passwords 

Router Enable and Line Passwords 

The router has some ports that allow access to the router and through these ports, you can specify passwords to provide a layer of security to the router. As long as the router is locked inside a room by default, a Cisco Router is very secure. The router allows only console access as well, but no SHH or Telnet access. One question arises many times how we can configure enable and line passwords on the Cisco router and how we can remove them from the router. So, here is the complete solution that how you can configure the Enable and Line Passwords on the Cisco Router.

            Five passwords are used to secure Cisco routers.

Three of these are Line Passwords that are used to configure a password when user mode is accessed through Console port, auxiliary port, or via Telnet.

The enable password and enable secret are used to secure privileged exec mode by using the password. When the enable command is used this will prompt a user to set a password.

Enable and Line Passwords

Enable and Line Passwords Detail

How to Configure Router Enable and Line Passwords

1. Configuring Line Console Password

On the Router back the Console port is used to directly connect to the Router. Use the password line configuration mode to specify a password.

Router> enable

Router# configure terminal

Enter configuration commands, one per line. End with CNTL / Z.

Router (config) # hostname R1

R1 (config) # exit

R1 # configure terminal

Enter configuration commands, one per line. End with CNTL / Z.

R1 (config) # line?

Line Options

R1 (config) # line console?

<0-0> First Line number

R1 (config) # line console 0

Line Console Number Range

R1 (config-line) # password Networking 510

R1 (config-line) # login

R1 (config-line) # end

R1 #

Note: It is most important to configure the Login Command otherwise the console port won’t prompt for authentication. You won’t be asked for a password if you configure no login.

Verification

R1# exit

R1 con0 is now available.

Press RETURN to get started.

Router Password

User Access Verification

Password:

R1> enable

R1#

2.     Configuring Line Auxiliary Password

On the Router back the auxiliary port is used to connect a Modem. It allows the user to access the router configuration remotely. It should have a password specified for it if a modem is connected to the port.

R1> enable

R1 # configure terminal

Enter configuration commands, one per line. End with CNTL / Z.

R1 (config) # line aux 0

R1 (config-line) # password Networking 510

R1 (config-line) # login

R1 (config-line) # end

R1 #

*April 1 01:53:21.931: %SYS-5-CONFIG-l: configured from console by console

R1 #

3.     Configuring Telnet / Line VTY Password

VTY (Virtual Terminal Lines) are used to allow access to the router remotely. A router can have variable virtual terminal lines depending on the IOS version of the router and hardware platform.

R1> enable

R1 # configure terminal

Enter configuration commands, one per line. End with CNTL / Z.

R1 (config) # line vty 0?

<1-871> Last Line number

<cr>

VTY Line Number Range

R1 (config) # line vty 0 871

R1 (config-line) # password Networking 510

R1 (config-line) # login

R1 (config-line) # end

R1 #

4.     Configuring Enable Mode Password

The enable password is used for privileged exec mode security, and when the enable command is used it will prompt a user for a password.

R1> enable

R1 # configure terminal

Enter configuration commands, one per line. End with CNTL / Z.

R1 (config) # enable password IT 510

R1 (config) # exit

R1 #

*April 1 01:16:47.947: %SYS-5-CONFIG_l: configured from console by console

Verification

R1 # exit

R1 con0 is now available.

Press RETURN to get started.

User Access Verification

Password:

R1> enable

Line Console Password

Password:

R1 #

Enable Mode Password

5. Configuring Enable Secret Password

Enable secret password is the password in encrypted form and it is used to gain access to enable mode and to the global configuration mode on the Router. It is more preferred over enable password. The enable password and enable secret password should not be the same.

R1> enable

R1 # configure terminal

Enter configuration commands, one per line. End with CNTL / Z.

R1 (config) # enable secret Computer 510

R1 (config) # exit

R1 #

Running-Config

R1 #show running-config

Building configuration…

Current configuration: 806 bytes

!

Version 12.3

Service timestamps debug Datetime msec

Service timestamps log Datetime msec

No service password-encryption

No service DHCP

!

hostname R1

!

Boot-start-marker

Boot-end-marker

!

Enable secret 5 $1$75 / B$P0vAqIL / f2jlvrZ3WVLuh1

Enable password IT 510

Enable Secret Password

!

<--- OUTPUT OMITTED --->

Search Tags

1. How to Configure CISCO Router Password
2. How to change router password
3. How to configure Line Console Password
4. What is difference between enable password and secret

If you want to remove passwords from router then visit: 👇

How to Remove Router Enable and Line Passwords