Questions

How do configure a cisco 881 router for remote management via the wan por?

Tags:
+
0 Votes
Locked

How do configure a cisco 881 router for remote management via the wan por?

mlehr
I need to remotely make changes to a cisco router 881 using CCP. How do I configure the router for this?
  • +
    0 Votes
    robo_dev

    If you just need CLI access, then configure enable SSH and create a NAT rule for that and you're done.

    Depending on where you connect from, you might want to create an ACL for a particular IP address or use a non-standard SSH port for additional security.

    see the guide below for the config:
    http://www.cisco.com/en/US/tech/tk583/tk617/technologies_tech_note09186a00800949e2.shtml

    NOTE:

    Looking at your current config, above, you've posted your router username and the hash of both your device and enable passwords on the Internet :) (so you might want to change those). You also posted your dyndns username AND your domain name, so an attacker knows what door to knock on. I can also see the NAT rules which show what ports are open AND the internal IP address of each server. I am not trying to be snarky here, but really that's making an attacker's job a lot easier.

    +
    0 Votes
    mlehr

    Thanks for the heads up! and the link.

  • +
    0 Votes
    robo_dev

    If you just need CLI access, then configure enable SSH and create a NAT rule for that and you're done.

    Depending on where you connect from, you might want to create an ACL for a particular IP address or use a non-standard SSH port for additional security.

    see the guide below for the config:
    http://www.cisco.com/en/US/tech/tk583/tk617/technologies_tech_note09186a00800949e2.shtml

    NOTE:

    Looking at your current config, above, you've posted your router username and the hash of both your device and enable passwords on the Internet :) (so you might want to change those). You also posted your dyndns username AND your domain name, so an attacker knows what door to knock on. I can also see the NAT rules which show what ports are open AND the internal IP address of each server. I am not trying to be snarky here, but really that's making an attacker's job a lot easier.

    +
    0 Votes
    mlehr

    Thanks for the heads up! and the link.