Custom Search

Cisco Ccna (640-553) Security Exam Training: Using The “block Count” Command

In today’s article, I’m going to quickly inform you about the Cisco IOS local RADIUS server group configuration mode command named “block count”.

Network administrators (like you) use the “block count” command to lock out group members for a length of time after a set number of incorrect passwords are entered.

Below is the command’s syntax:

block count count time {seconds | infinite}

As you can see, the command can use the count and seconds arguments and the “time” and “infinite” keywords.

count—This argument is used to indicate the number of failed passwords before a lockout is trigged; the lockout range is from 1 to 4294967295.

time —This keyword is used to specify the time to block the account.

seconds—This argument is used to indicate the number of seconds that the lockout should (will) last; the range is from 1 to 4294967295.

infinite –This keyword is used to indicate that the lockout should be indefinite (infinite).

Note: If you use the “infinite” keyword, an administrator must manually unblock the locked username.

Below is an example of the command being used:

router#configure terminal
router(config)#radius-server local
router(config-radsrv)#group ittechtips
router(config-radsrv-group)#block count 3 time 120
router(config-radsrv-group)#exit
router(config-radsrv)#user cross password baseball74 group ittechtips
router(config-radsrv)#end
router#copy run start

In the example above, the user named “cross” which belongs to the ittechtip group; will be locked out for 120 seconds if he fails three incorrect password attempts.

And, like with mostly all Cisco IOS commands; you can use the word “no” in front of the command to remove (disable) the configured command; like you see below:

router(config-radsrv-group)#no block count 3 time 120

By the way, if you decide to use the command, make sure your router(s) is running Cisco IOS 12.3(11)T or higher.

I hope this article was very informative and helped you quickly understand the usage of the block count command. If you need to learn more; I suggest you visit my website, were you’ll find the latest information regarding the Cisco CCNA (640-553) Security exam techniques.

To your success,

By: Charles E Ross

Article Directory: http://www.articledashboard.com

Charles Ross, CCNP #CSCO10444244 is the owner of Ittechtips.com; where you'll find free comprehensive information and videos on how to pass the CCNA (640-553) security exam. Sign-Up for "100 Free Videos" and, also learn more about the new "Cisco CCNA (640-553) Video Accelerated Training Course" at his website. www.ittechtips.com

Misc
Print This Article
Add To Favorites
Email to Friends
Ezine Ready
Join Our Community
Sign Up for an account or learn more.
Sponsored Links
Article Dashboard Authors
Submit Articles
Member Login
Submission Guidelines
Article RSS Feeds
Site Information
About Us
Link to Us
Contact Us
Privacy Policy
Terms of Service
Favicon Generator

© 2005-2011 Article Dashboard