EasyManuals Logo
Home>Cisco>Network Router>ASR 1000 Series

Cisco ASR 1000 Series User Manual

Cisco ASR 1000 Series
72 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #17 background imageLoading...
Page #17 background image
Page 17 of 72
configuration of the Router. If the Router reboots and resumes operation when uncommitted
changes have been made, these changes will be lost and the Router will revert to the last
configuration saved.
3.2.3 Enabling FIPS Mode
The TOE must be run in the FIPS mode of operation. The use of the cryptographic engine in any
other mode was not evaluated nor tested during the CC evaluation of the TOE. This is done by
setting the following in the configuration:
The value of the boot field must be 0x0102. This setting disables break from the console to the
ROM monitor and automatically boots the IOS image. From the ROMMON command line enter
the following:
confreg 0x0102 [3] under section “C commands”
The self-tests for the cryptographic functions in the TOE are run automatically during power-on
as part of the POST. The same POST self-tests for the cryptographic operations can also be
executed manually at any time by the privileged administrator using the command:
test crypto self-test [10] Cisco IOS Security Command Reference: Commands S to Z
3.2.4 Administrator Configuration and Credentials
The ASR must be configured to use a username and password for each administrator and one
password for the enable command. Ensure all passwords are stored encrypted by using the
following command:
service password-encryption [10] Cisco IOS Security Command Reference: Commands
S to Z
Configures local AAA authentication:
aaa authentication login default local [10] Cisco IOS Security Command Reference:
Commands A to C
aaa authorization exec default local [10] Cisco IOS Security Command Reference:
Commands A to C
When creating administrator accounts, all individual accounts are to be set to a privilege level of
one. This is done by using the following commands:
username <name> password <password> [10] Cisco IOS Security Command
Reference: Commands S to Z
to create a new username and password combination, and
username <name> privilege 1 [10] Cisco IOS Security Command Reference:
Commands S to Z
to set the privilege level of <name> to 1.
3.2.5 Session Termination
Inactivity settings must trigger termination of the administrator session. These settings are
configurable by setting

Table of Contents

Other manuals for Cisco ASR 1000 Series

Preview: Software Configuration Guide
Software Configuration Guide602 pages
Preview: Configuration Guide
Configuration Guide126 pages
Preview: Replacing
Replacing120 pages
Preview: Hardware Installation Guide
Hardware Installation Guide594 pages
Preview: Installation And Configuration Guide
Installation And Configuration Guide292 pages
Preview: Quick Start Guide
Quick Start Guide48 pages
Preview: Hardware Installation And Configuration Guide
Hardware Installation And Configuration Guide32 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco ASR 1000 Series and is the answer not in the manual?

Cisco ASR 1000 Series Specifications

General IconGeneral
BrandCisco
ModelASR 1000 Series
CategoryNetwork Router
LanguageEnglish

Related product manuals