USD ($)
$
United States Dollar
India Rupee

How to Configure a Banner in Cisco Router

Created by Gautam Sharma in Articles 5 Jan 2024
Share

Task

● Configure a login banner so any endeavored associations with the device are provoked with Legal data and security data

● Configure an EXEC banner such that the system shows the hostname when the user creates 

an exec session with the computer, and the current line on which the session was formed.

● To view the latest scheduled downtime for system maintenance, configure the Message of the Day (MOTD) Banner


Initial Configuration

There is no initial configuration in this lab.

Explanation

Banner is used to give someone security alert who wants to telnet into your internetwork. The security warning or message can be produced and personalised and will be displayed on the router when someone attempts to access your computer. Here are the three types of banners that you need to make sure you know:

Exec banner – A line-activation (exec) banner can be configured to be displayed when EXEC processes have been formed, such as line activation or an incoming link to a VTY line. An exec banner can be triggered simply by initiating a user exec session via a console port.

Login banner – After the MOTD banner but before the login prompts, this banner will come up. You can not disable this login banner on a per-line basis, so you have to uninstall it with the No Banner Login command to disable it globally.

Message of the day banner– The most frequently used banners are Message of the Day (MOTD) banners since they send a message to anyone connecting via Telnet or an auxiliary port or even via a console port to the router.

Configuration

For goal one, you must configure a login banner to warn the legal details and privacy information of the incoming session. You would need to use a delimiting character when configuring a banner; that is a character that appears only at the beginning and end of the banner. A ^ is widely used.

To configure a banner you’ll use the “banner” command followed by the type of banner rather it be “login, exec, motd” and the delimiting character

As shown below you can see a basic Login banner is configured

Configuration is verified by ending and re-establishing an exec session with the device


R1(config)#banner login ^

#######################################################

# #

# PROPERTY OF UNINETS PVT. LTD. #

# AUTHORISED ACCESS ONLY #

# UNAUTHORISED ACCESS STRICTLY PROHIBITED #

#######################################################

^

Router>


As shown below is the login banner configuration verification


Router con0 is now available

Press RETURN to get started.

#######################################################

# #


# PROPERTY OF UNINETS PVT. LTD. #

# AUTHORISED ACCESS ONLY #

# UNAUTHORISED ACCESS STRICTLY PROHIBITED #

#######################################################

Router>


Requests that you configure an exec banner to display what the hostname of the system is and the line on which the session is built for any authenticated exec sessions. You would need to know what banner tokens are in order to configure this sort of banner. The banner tokens used for this purpose are $(hostname) and $(line) with the hostname and line number displayed.

Use the following text Session set to $(hostname) on line $(line) To configure the exec banner as needed by objective 3, use the following text Session set to $(hostname) on line $(line) Like the previous login banner you configured, you execute the same command in global configuration mode, but instead execute banner login ^ as shown below.


R1(config)#banner exec ^

Enter TEXT message. End with the character ‘^’.

session establish to $(hostname)via line $(line)

^

R1(config)#exit


After configuring the exec banner, check your setup by terminating the exec session and resetting the system to an exec session, as shown below.


#######################################################

# #

# PROPERTY OF UNINETS PVT. LTD. #

# AUTHORISED ACCESS ONLY #

# UNAUTHORISED ACCESS STRICTLY PROHIBITED #

#######################################################

session establish to R1via line 0


Router>


Is the last objective of the lab which is to configure a Message of the Day banner, which is commonly used to display maintenance information on the Cisco device such as “This router will undergo routine maintenance on 01/01/10 from 12:00AM to 2:00AM”. The MOTD banner is displayed prior to the login banner on a Cisco Router or Switch and is configured the same was as any other banner which is to execute the banner command followed by the type of banner and the delimiting character in global configuration mode.

“It is the last aim of the laboratory to configure a Day Message banner that is widely used to display maintenance details on the Cisco computer, such as” This router will undergo regular maintenance from 12:00 to 2:00 AM on 01/01/10. The MOTD banner is displayed on a Cisco Router or Switch before the login banner and is configured the same as any other banner to run the banner command followed by the banner type and the delimiting character in the global configuration mode.

As shown below is an example MOTD banner configuration and verification


R2(config)#banner motd ^

Enter TEXT message. End with the character ‘^’.

THIS ROUTER WILL BE ON MAINTAINENECE ON 15/10/2016 TO 16/10/2016

^


R2 con0 is now available

press RETURN to get started


THIS ROUTER WILL BE ON MAINTAINENECE ON 15/10/2016 TO 16/10/2016


seesion to establish to R2 on line 0


R2>


Comments (0)

Share

Share this post with others