USD ($)
$
United States Dollar
India Rupee

How to Configure a Banner in Cisco Router

Created by Gautam Sharma in Articles 30 Oct 2024
Share

Cisco routers allow you to configure various types of banners to display messages to users when they connect to the device. These banners can be used to provide important information, security warnings, or legal notices. 

To know all these Cisco router's banner configurations, you should opt for Cisco Enterprise training which will teach you all about Cisco devices and configurations.

In this article, we will cover how to configure a banner on a Cisco Router. We will look at different types of banners and learn the configuration of MOTD, login, and Exec banners on Cisco Devices.

Types of Banners in Cisco Routers

Cisco routers support several types of banners to communicate important messages to users. The main types of banners are:

● MOTD Banner (Message of the Day): This banner is displayed to all users when they connect to the router, before authentication. It is typically used for temporary messages, such as system maintenance notifications.

Login Banner: This banner appears after the MOTD banner and before the authentication prompt. It is often used to display legal notices or security warnings, informing users about authorized access only.

● Exec Banner: Displayed after a user successfully logs in, the Exec banner provides information relevant to the user session. It can include messages about usage policies or system status.

Let's see the process of configuring banners in Cisco Routers.


CCNA Certification Live TrainingGet Live Training from industry experts.Explore course
custom banner static image

How to Configure Banners in Cisco Routers

Let's now look at the process of how to configure banners in Cisco Routers. You can also try this in our CCNA virtual lab

Task:

● Configure a login banner so any endeavored associations with the device are provoked with Legal data and security data

● Configure an EXEC banner such that the system shows the hostname when the user creates 

an exec session with the computer, and the current line on which the session was formed.

● To view the latest scheduled downtime for system maintenance, configure the Message of the Day (MOTD) Banner

Initial Configuration

There is no initial configuration in this lab.

Explanation

Banner is used to give someone a security alert who wants to telnet into your internetwork. The security warning or message can be produced and personalized and will be displayed on the router when someone attempts to access your computer. 

Configuration

For goal one, you must configure a login banner to warn the legal details and privacy information of the incoming session. You would need to use a delimiting character when configuring a banner; that is a character that appears only at the beginning and end of the banner. A ^ is widely used.

To configure a banner you’ll use the “banner” command followed by the type of banner whether it be “login, exec, motd” and the delimiting character

Login Banner Configuration on Cisco Router

As shown below you can see a basic Login banner is configured

Configuration is verified by ending and re-establishing an exec session with the device

R1(config)#banner login ^

#######################################################

# #

# PROPERTY OF UNINETS PVT. LTD. #

# AUTHORISED ACCESS ONLY #

# UNAUTHORISED ACCESS STRICTLY PROHIBITED #

#######################################################

^

Router>

As shown below is the login banner configuration verification

Router con0 is now available

Press RETURN to get started.

#######################################################

# #

# PROPERTY OF UNINETS PVT. LTD. #

# AUTHORISED ACCESS ONLY #

# UNAUTHORISED ACCESS STRICTLY PROHIBITED #

#######################################################

Router>

Requests that you configure an exec banner to display the hostname of the system and the line on which the session is built for any authenticated exec sessions. You would need to know what banner tokens are to configure this sort of banner. The banner tokens used for this purpose are $(hostname) and $(line) with the hostname and line number displayed.

Exec Banner Configuration on Cisco Router

Use the following text Session set to $(hostname) on line $(line) To configure the exec banner as needed by objective 3, use the following text Session set to $(hostname) on line $(line) Like the previous login banner you configured, you execute the same command in global configuration mode, but instead execute banner login ^ as shown below.

R1(config)#banner exec ^

Enter TEXT message. End with the character ‘^’.

session establish to $(hostname)via line $(line)

^

R1(config)#exit

After configuring the exec banner, check your setup by terminating the exec session and resetting the system to an exec session, as shown below.

#######################################################

# #

# PROPERTY OF UNINETS PVT. LTD. #

# AUTHORISED ACCESS ONLY #

# UNAUTHORISED ACCESS STRICTLY PROHIBITED #

#######################################################

session establish to R1via line 0


Router>

The last objective of the lab is to configure a Message of the Day banner, which is commonly used to display maintenance information on the Cisco device such as “This router will undergo routine maintenance on 01/01/10 from 12:00 AM to 2:00 AM”.

The MOTD banner is displayed before the login banner on a Cisco Router or Switch and is configured the same way as any other banner which is to execute the banner command followed by the type of banner and the delimiting character in global configuration mode.

“It is the last aim of the laboratory to configure a Day Message banner that is widely used to display maintenance details on the Cisco computer, such as” This router will undergo regular maintenance from 12:00 to 2:00 AM on 01/01/10.

MOTD Banner Configuration

The MOTD banner is displayed on a Cisco Router or Switch before the login banner and is configured the same as any other banner to run the banner command followed by the banner type and the delimiting character in the global configuration mode.

Shown below is an example MOTD banner configuration and verification

R2(config)#banner motd ^

Enter TEXT message. End with the character ‘^’.

THIS ROUTER WILL BE ON MAINTENANCE ON 15/10/2016 TO 16/10/2016

^


R2 con0 is now available

press RETURN to get started


THIS ROUTER WILL BE ON MAINTeNANCE ON 15/10/2016 TO 16/10/2016


session to establish to R2 on line 0


R2>

As you can see we have covered all major banner configurations on Cisco Routers.

Banner Configuration on Cisco Router - Summing up

Configuring banners on a Cisco router is essential for communicating important information and security warnings to users. There are three primary types of banners: the Message of the Day (MOTD) banner, the Login banner, and the Exec banner.

To configure a banner, administrators use the "banner" command followed by the type and a delimiting character, such as banner motd *. Overall, configuring banners on Cisco routers effectively enhances security and informs users about important policies.

Check out more IT infrastructure training courses.

How to Configure Backup Script and ...»
Gautam Sharma

This is Gautam's biography

More... | Author`s Bog | Book a Meeting

Related Articles

#Explore latest news and articles

Enable SSH on Cisco Switch: Configure and Setup 13 Nov 2024

Enable SSH on Cisco Switch: Configure and Setup

Learn how to enable SSH on Cisco switch with our guide. Configure & setup device management protocol for secure remote access quickly & easily. 

FAQ

To configure a banner, enter global configuration mode and use the command banner motd *, followed by your message and ending with the same character.
Banners inform users about authorized access, legal notices, and security warnings, thereby enhancing awareness and discouraging unauthorized use.
A login banner is displayed before user authentication, typically containing legal notices or security warnings, reminding users of access policies.
To configure a Cisco router, access the device via console or SSH, enter global configuration mode, and use commands to set up interfaces, routing, and other features.

Comments (0)

Share

Share this post with others

Contact learning advisor

Captcha image