index_57
UNCLASSIFIED
Implementing Security on Cisco Routers
Version 1.0g
UNCLASSIFIED
57
The following example shows how to save the startup configuration to a file (for
emergencies only, not recommended between IOS versions).
Central# config t
Enter configuration commands, one per line. End with CNTL/Z.
Central(config)# ip ftp username nsmith
Central(config)# ip ftp password 1pace-4ward
Central(config)# exit
Central# copy startup-config ftp:
Address or name of remote host []? 14.2.9.1
Destination filename [startup-config]? /cisco/central/startup-
config
Writing startup-config !!
5516 bytes copied in 12.352 secs (459 bytes/sec)
Central#
The next example demonstrates how to load a new configuration to the startup
configuration. Before loading a configuration this way make sure that all the
configurations in the NVRAM have been saved.
Central# config t
Enter configuration commands, one per line. End with CNTL/Z.
Central(config)# ip ftp username nsmith
Central(config)# ip ftp password 1pace-4ward
Central(config)# exit
Central# copy /erase ftp: startup-config
Address or name of remote host []? 14.2.9.1
Source filename []? /cisco/central/startup-config
Destination filename [startup-config]?
Accessing ftp://14.2.9.1/cisco/central/startup-config...
Erasing the nvram filesystem will remove all files! Continue?
[confirm]
[OK]
Erase of nvram: complete
Loading /cisco/central/startup-config !
central-startup-config !
[OK - 5516/1024 bytes]
[OK]
5516 bytes copied in 4.364 secs
Central#
The other protocols, such as rcp and tftp, are less secure than FTP and should not be
used for loading or saving router configurations. See Section 4.5.5 for details on
using tftp if required.
4.1.8. References
[1] Cisco IOS Release 12.0 Security Configuration Guide, Cisco Press, 1999.
This is the reference manual and guide for major security features in IOS
12.0. Sections particularly relevant to Router Access Security include:
Security Overview, Configuring Passwords and Privileges, and Traffic
Filtering and Firewalls.