Simple Line Config Question

Unanswered Question
Oct 15th, 2007
User Badges:

When I remote into my switches using either telet or SSH some switches require the enable password be entered after my username and password, and others place me right into priv. mode. What line configuration do I need to make to have the enable password required when logging in?

Will Rate Posts.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.5 (2 ratings)
Loading.
jreekers Mon, 10/15/2007 - 11:19
User Badges:
  • Cisco Employee,

Hi.


I don't know which version of code you're running (or whether it's IOS or catOS), but if using RADIUS, this should help:


http://www.cisco.com/warp/customer/480/PRIV.html


If using local authentication, it's likely that you see this configuration on some devices:


user pass privilege 15


which would allow telnet directly into priv mode. If you remove that, the user will be prompted for an enable username/pw.


Regards,

-J

mparella Mon, 10/15/2007 - 11:32
User Badges:

Thanks, J!

IOS and Local passwords at the moment.

The username and password configuration are are configured on both switches (4510 & 3750) as you list it above. However, when I telnet the 3750, it requires a username and password then I get placed directly into priv. mode. When I telnet to the 4510 I just get prompted for a "password" (no username) then I get placed into user mode and have to type "enable" then the enable password. Wondering why the difference, the configs look similar.

jreekers Mon, 10/15/2007 - 12:28
User Badges:
  • Cisco Employee,


When you look at the running configs of both devices (show run), look under the line vty sections and see if they are the same on both.


I'll bet there is a variance where one will show "login local" under the line configs, and the other will have that missing...that will be your difference.



Actions

This Discussion