aaa new model (error)

Nov 9th, 2007

Hi,

By mistake, I used the CLI command AAA NEW MODEL on my switch.

Now when I try to log in, it asks me for a username and password.

I don't have any username configured.

What can I do, without resetting the switch, to enter enable mode?

thanks

FC

Edison Ortiz Fri, 11/09/2007 - 07:31

Yes, you got locked out. Resetting the switch is your only solution. Next time, before enabling 'aaa new-model' make sure to have a local username and password.

Note: the switch won't lose all its configuration (reset = reboot in this case). The only configuration that will be lost is the one made recently (before a copy run start, of course).

bvsnarayana03 Fri, 11/09/2007 - 07:47

Most people don't get it right the first time. So next time you are configuring aaa on any device, make sure you enable local authentication and set a username and password.

Minimum aaa config to save you from getting locked out while configuring aaa for tacacs:

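aaa new-model

! a login method list needs a name before its methods; "default" covers lines with no explicit list
aaa authentication login default local

username abc password xyz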

Anytime you are locked out while configuring, you can use the above username and password to gain access.

Please refer to this doc for more details if you're interested:

http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/catos/7.x/configuration/guide/authent.html#wp1221026

Happy Diwali.

ddemirchi Sat, 11/10/2007 - 09:33

aaa new-model

aaa authentication login localacc local enable

// localacc: you can set this to anything you like, but you have to define it in console 0 and vty x x too, or leave it as it is

username username privilege 15 password yourpassword

line cons 0

login authentication localacc

line vty 0 4

login authentication localacc

*** may have to modify enable or secret password
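
An offline pre-check for the lockout discussed in this thread, added here as an example and not posted by any participant: it scans a saved IOS configuration text before it is applied. The function name, the sample configs and the placeholder credentials are assumptions, and the rules cover only the commands shown in the replies above.

```python
import re

def aaa_lockout_risks(config):
    """Return reasons this IOS config could lock out interactive logins."""
    lines = [ln.strip() for ln in config.splitlines()]
    lines = [ln for ln in lines if ln and not ln.startswith("!")]
    if "aaa new-model" not in lines:
        return []  # AAA is not enabled, so these checks do not apply
    risks = []
    # A usable local account needs a name plus a password or secret.
    if not any(re.match(r"username \S+ .*\b(password|secret) \S", ln) for ln in lines):
        risks.append("no local username with a password")
    # Collect login method lists: list name -> ordered methods.
    lists = {}
    for ln in lines:
        m = re.match(r"aaa authentication login (\S+)(.*)", ln)
        if m:
            lists[m.group(1)] = m.group(2).split()
    for name, methods in lists.items():
        if not methods:
            risks.append(f"method list '{name}' has no methods")
        elif not any(meth.startswith("local") for meth in methods):
            risks.append(f"method list '{name}' has no local method")
    # A named list used under 'line con/vty' must actually be defined.
    for ln in lines:
        m = re.match(r"login authentication (\S+)", ln)
        if m and m.group(1) != "default" and m.group(1) not in lists:
            risks.append(f"line references undefined list '{m.group(1)}'")
    return risks

# Constructed sample: the state described in the question.
LOCKED_OUT = "aaa new-model\n"
# Constructed sample following the last reply (placeholder credentials).
WITH_LOCAL = """
aaa new-model
aaa authentication login localacc local enable
username admin privilege 15 password EXAMPLE-ONLY
line con 0
 login authentication localacc
line vty 0 4
 login authentication localacc
"""

if __name__ == "__main__":
    for label, cfg in (("LOCKED_OUT", LOCKED_OUT), ("WITH_LOCAL", WITH_LOCAL)):
        print(label, aaa_lockout_risks(cfg) or "ok")
```

Run it against the candidate configuration in a text file before pasting it into the device; an empty list means none of these specific lockout conditions were found, not that the configuration is otherwise correct.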
