cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
798
Views
0
Helpful
6
Replies

catalyst 4500 line console security?

rhopkins_nci
Level 1
Level 1

What are some other security measures I could take on the line console 0 besides physical security and local login? Could I change the baud speed? Could I change or disable the break sequence? Could I disable password recovery? Thanks in advance.

1 Accepted Solution

Accepted Solutions

I don't have a Catalyst 4500 to test on but I believe you can change the config-register in config mode.

I just tried in a 6500,

(config)#config-register ?

<0x0-0xFFFF> Config register number

View solution in original post

6 Replies 6

Edison Ortiz
Hall of Fame
Hall of Fame

Physical security and local login should cover it. If you can, implement ACS or RADIUS for external account management - authentication and accounting.

Don't bother with disabling password recovery, it's more hassle than it's worth.

So there's really no way to protect the console connection from the break sequence after a hard restart? Just in case someone does get access or a disgruntled tech employee. I was able to change the baud speed, so now you have to match the speed, but does that only take effect after the start config is loaded. Thanks.

Just what I need! Thanks. One last question if you dont mind, I just want to confirm, in order to edit these configs I need to be in rommon mode, not while running in the ios? If so I need to reboot the switch and proceed with the break seq? Thanks again Edison.

I don't have a Catalyst 4500 to test on but I believe you can change the config-register in config mode.

I just tried in a 6500,

(config)#config-register ?

<0x0-0xFFFF> Config register number

well I think I have enough info to mess up something. thanks for your help.

Review Cisco Networking for a $25 gift card