Hostname, Password, and Banner Configuration (Cisco IOS)

In this lab, you will learn how to configure essential identification and security features on Cisco routers and switches. These configurations are considered basic but mandatory for any real-world network deployment.

You can use the Tab key after typing a few letters to automatically complete the full command in Cisco IOS.

Cisco IOS allows abbreviated commands as long as they are unique.

Show Commands (Most Used)

show version                 - sho ver
show interfaces              - sho int
show interfaces status       - sho int status
show ip route                - sho ip route
show ip protocols            - sho ip prot
show running-config          - sho run
show startup-config          - sho start
show vlan brief              - sho vlan bri
show mac address-table       - sho mac add
show cdp neighbors           - sho cdp nei
show cdp neighbors detail    - sho cdp nei det
show lldp neighbors          - sho lldp nei
show arp                     - sho arp
show clock                   - sho clock

Configuration Mode Commands

configure terminal           - conf t
interface fastEthernet0/1    - int fa0/1
interface gigabitEthernet0/1 - int gi0/1
router ospf 1                - rou ospf 1
router rip                   - rou rip
router eigrp 10              - rou eig 10
exit                         - ex
end                          - end

Interface Configuration

ip address 192.168.1.1 255.255.255.0 - ip add 192.168.1.1 255.255.255.0
no shutdown                        - no shut
shutdown                           - shut
description Link to SW1            - desc Link to SW1
switchport mode access             - sw mo acc
switchport mode trunk              - sw mo tru

VLAN Commands

vlan 10            - vlan 10
name SALES         - name SALES
show vlan          - sho vlan
show vlan brief    - sho vlan bri

Save & Reload

copy running-config startup-config - copy run start
write memory                      - wr mem
reload                            - rel

Troubleshooting / Testing

ping 192.168.1.1      - ping 192.168.1.1
traceroute 8.8.8.8    - trace 8.8.8.8
show logging          - sho log
show processes cpu    - sho proc cpu

Very Important Note (Exam + Real Devices)

Cisco IOS does not require the full command word — only enough characters to make it unique.

show       → sho
configure  → conf
interface  → int

But ❗
If the shortcut becomes ambiguous, IOS will reject the command.

1. Hostname Configuration

Explanation

The hostname is the logical name assigned to a Cisco router or switch. It helps administrators easily identify devices, especially in environments with multiple routers and switches.

By default, Cisco devices use generic names such as Router or Switch. Changing the hostname is a basic and essential configuration step.

Cisco Prompt Commands

Switch#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Switch(config)#hostname NetsTuts_SW1
NetsTuts_SW1(config)#end
NetsTuts_SW1#
%SYS-5-CONFIG_I: Configured from console by console
NetsTuts_SW1#wr
Building configuration...
[OK]
NetsTuts_SW1#

Configuring a custom hostname on a Cisco router or switch to replace the default device name.

2. Enable Password vs Enable Secret

Explanation

Cisco devices use enable password and enable secret to protect access to Privileged EXEC mode.

Feature	Enable Password	Enable Secret
Encryption	Weak / Reversible	Strong (MD5 Hash)
Security Level	Low	High
Recommendation	Not Recommended	Recommended

If both are configured, enable secret always takes priority.

Configuring Enable Password (Legacy)

NetsTuts_SW1>en
NetsTuts_SW1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
NetsTuts_SW1(config)#ena pass cisco@123
NetsTuts_SW1(config)#end
NetsTuts_SW1#
%SYS-5-CONFIG_I: Configured from console by console
wr
Building configuration...
[OK]
NetsTuts_SW1#

Verify with "show running-config" command

! hostname NetsTuts_SW1
! enable password cisco@123

Configuring the legacy enable password (not recommended for production).

Enter the created password (The password you enter will be invisible)

NetsTuts_SW1>en
Password:

Remove the password entering "no enable password" command

NetsTuts_SW1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
NetsTuts_SW1(config)#no enable password
NetsTuts_SW1(config)#end
NetsTuts_SW1#
%SYS-5-CONFIG_I: Configured from console by console
wr
Building configuration...
[OK]
NetsTuts_SW1#

NetsTuts_SW1>en
NetsTuts_SW1#

Now, no password required

Configuring Enable Secret (Recommended)

NetsTuts_SW1>en
NetsTuts_SW1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
NetsTuts_SW1(config)#enable secret cisco@123
NetsTuts_SW1(config)#end
NetsTuts_SW1#
%SYS-5-CONFIG_I: Configured from console by console
wr
Building configuration...
[OK]
NetsTuts_SW1#

Verify with "show running-config" command

hostname NetsTuts_SW1
!
enable secret 5 $1$mERr$6O7HXbIpaOLamSXRNemy0.

Enable secret is securely stored as an encrypted MD5 hash.

3. MOTD (Message of the Day) Banner

Explanation

The MOTD banner displays a warning or informational message before the login prompt appears.

Displays legal warnings
Restricts unauthorized access
Meets security compliance requirements

Configuring MOTD Banner

Configuring a Message of the Day (MOTD) banner.

NetsTuts_SW1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
NetsTuts_SW1(config)#banner motd #
Enter TEXT message.  End with the character '#'.
***Unauthorized access is strictly prohibited.***
***Disconnect immediately if you are not an authorized user.***
#

NetsTuts_SW1(config)#exit
NetsTuts_SW1#
%SYS-5-CONFIG_I: Configured from console by console
wr
Building configuration...
[OK]
NetsTuts_SW1#

Note: The # character is used as a delimiter.

Expected behavior during login:

Press RETURN to get started.

***Unauthorized access is strictly prohibited.***
***Disconnect immediately if you are not an authorized user.***

NetsTuts_SW1>

TEST WHAT YOU LEARNED

1. What is the primary purpose of configuring a hostname on a Cisco device?

A. To encrypt all device communication B. To replace the IP address for routing C. To help administrators easily identify the device D. To automatically secure the device interface

Correct answer is C. The hostname helps administrators easily identify the device in a network.

2. What is the default hostname for a Cisco switch?

A. There is no default name B. Host-1 C. Cisco D. Switch

Correct answer is D. The default hostname for a Cisco switch is "Switch".

3. When both an enable password and an enable secret are configured, which one takes priority?

A. The enable password B. The enable secret C. Neither; both must be entered D. The one configured most recently

Correct answer is B. The enable secret takes priority over the enable password when both are configured.

4. How is an enable secret password stored in the configuration?

A. As plain text B. Using weak/reversible encryption C. As an encrypted MD5 hash D. It is not stored; it must be entered each time

Correct answer is C. Enable secret passwords are stored as an encrypted MD5 hash in the configuration.

5. What command is used to verify the configured enable password or secret?

A. show startup-config B. show password C. show running-config D. show enable secret

Correct answer is C. The "show running-config" command displays the current configuration including enable passwords/secrets.

6. What is the main purpose of the MOTD (Message of the Day) banner?

A. To display the device's hostname B. To display a warning or informational message before login C. To prompt for the enable secret password D. To list the device's configured IP addresses

Correct answer is B. The MOTD banner displays a warning or informational message to users before the login prompt.

7. In the configuration example, what character is used as the delimiter for the MOTD banner text?

A. ! B. * C. # D. $

Correct answer is C. The # character is typically used as a delimiter for MOTD banner text in Cisco configurations.

8. Which of the following is a key difference between 'enable password' and 'enable secret'?

A. Enable secret uses weaker encryption B. Enable password is recommended for production C. Enable secret uses stronger encryption (MD5 Hash) D. Enable password is required for the device to boot

Correct answer is C. Enable secret uses stronger MD5 hash encryption, while enable password uses weaker reversible encryption.

9. What command is used to completely remove a configured legacy enable password?

A. delete enable password B. no enable password C. clear enable password D. disable password

Correct answer is B. The "no enable password" command removes a configured legacy enable password.

10. According to the notes, when does the MOTD banner typically get displayed to a user?

A. After entering privileged EXEC mode B. Before the login prompt appears C. Only when an incorrect password is entered D. When the show motd command is executed

Correct answer is B. The MOTD banner is displayed to users before the login prompt appears.

Back to Home