om

Free Lab Friday

l.c
Implementing SSH and
Access Security
ba
om
db
vi
da
Free Lab Friday – Part 9 Implementing SSH and Access Security.

Packet Tracer Files: Assessment Lab

Free Lab Friday – Implementing SSH and Access Security.pka
Access Credentials:
User Exec: cisco
Privilege Exec: cisco

om
Tyrell Corporation’s NTP and Syslog implementation is complete across all Switches. The
next task is to implement basic security practices including SSH and Limiting remote access
security.
All Access Layer Switches in the enterprise network must be configured for the following:

l.c
1. SSH to be configured on ASW1-4 with the following parameters.
a. SSH login credentials: Username: student, password: Cisco123!
b. Domain Tyrell.com
ba
c. Key modulus of 2048 bits.
d. Only SSH version 2 should be allowed.
e. All available remote access sessions should be limited to SSH only.
2. Access Security to be configured with the following parameters.
om

a. ASW1 and ASW3 SSH sessions should only be accessible by ONLY VLAN11
and VLAN13 client devices.
b. ASW2 and ASW4 SSH sessions should only be accessible by ONLY VLAN12
and VLAN14 client devices.
c. SSH should be secured with an named ACL SSH_ACCESS that tracks
source IP addressing.
db

d. SSH sessions should auto-logout after 5 minutes of inactivity

e. Remote access sessions must not be interrupted by erroneous logging
messages.
vi

In addition, the clear text password for ‘student’ must not be viewable in the unencrypted
format.
da

You will be able to Check Results for your score. The Packet Tracer assessment file will
grade you and point you to check certain conditions have been met to score this lab on.
As this is an assessment lab, a copy of the completed .pkt file has been provided for
configuration comparison.
Good luck!

For more Labs go to http://davidbombal.com