aaa new model (error)

Unanswered Question
Nov 9th, 2007

Hi,

By ERROR, I used the CLI command AAA NEW MODEL on my switch.

Now when I try to enter, it asks me for a username and password.

I don't have any username configured.

What can I do, without resetting the switch, to enter enable mode?

thanks


FC

Overall Rating: 4 (1 ratings)
Edison Ortiz Fri, 11/09/2007 - 07:31

Yes, you got locked out. Resetting the switch is your only solution. Next time, before enabling 'aaa new-model' make sure to have a local username and password.


Note: the switch won't lose all its configuration (reset = reboot in this case). The only configuration that will be lost is the one made recently (before a copy run start, of course).

bvsnarayana03 Fri, 11/09/2007 - 07:47

Most people don't get it right the first time. So next time you are configuring aaa on any device, make sure you enable local authentication & set a username & password.


Minimum aaa config to save you from getting locked out while configuring aaa for tacacs:


aaa new-model

aaa authentication login default local

username abc password xyz


Any time you are locked out while configuring, you can use the above username & password to gain access.


Please refer to this doc for more details if you're interested:


http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/catos/7.x/configuration/guide/authent.html#wp1221026


Happy Diwali.

ddemirchi Sat, 11/10/2007 - 09:33

aaa new-model

aaa authentication login localacc local enable

// localacc: you can set this to anything you like, but you have to define it on console 0 and vty x x too, or leave it as it is


username username privilege 15 password yourpassword


line cons 0

login authentication localacc


line vty 0 4

login authentication localacc


*** may have to modify enable or secret password
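
A pre-flight check for the lockout discussed in this thread, as an added example (not code from any of the posters or from Cisco): it scans an IOS-style configuration before it is applied and reports the conditions the answers warn about. The function name, the sample configurations, the username `admin`, the list name `mgmt` and the password placeholder are constructed for illustration.

```python
import re

def audit_aaa_lockout(config):
    """Return lockout risks for an IOS-style config; an empty list means none found."""
    lines = [ln.strip() for ln in config.splitlines() if ln.strip()]
    if "aaa new-model" not in lines:
        return []                       # AAA not enabled, nothing to audit
    findings, lists, bound, current = [], {}, {}, None
    for ln in lines:
        m = re.match(r"aaa authentication login (\S+)(.*)", ln)
        if m:                           # method list: <name> <method> [<method> ...]
            lists[m.group(1)] = m.group(2).split()
        elif ln.startswith("line "):    # e.g. "line con 0", "line vty 0 4"
            current = ln
        elif current and (m := re.match(r"login authentication (\S+)", ln)):
            bound[current] = m.group(1)  # list applied to the most recent line
    # A local account is the fallback the answers recommend creating first.
    if not any(re.match(r"username \S+ .*\b(password|secret) \S", ln) for ln in lines):
        findings.append("no local username configured")
    for name, methods in lists.items():
        if not methods:
            findings.append(f"list '{name}' has no methods")
        elif not {"local", "local-case"} & set(methods):
            findings.append(f"list '{name}' has no local fallback")
    for line, name in bound.items():
        if name not in lists:           # line points at a list that was never defined
            findings.append(f"{line}: list '{name}' is not defined")
    return findings

# Constructed sample: AAA enabled with a remote-only list and no local account.
RISKY = """
aaa new-model
aaa authentication login default group tacacs+
line vty 0 4
 login authentication mgmt
"""
# Constructed sample: named list with local fallback, bound to console and vty.
SAFE = """
aaa new-model
aaa authentication login localacc local enable
username admin privilege 15 password EXAMPLE-ONLY
line con 0
 login authentication localacc
line vty 0 4
 login authentication localacc
"""

if __name__ == "__main__":
    for label, cfg in (("RISKY", RISKY), ("SAFE", SAFE)):
        print(label, audit_aaa_lockout(cfg) or "no lockout risks found")
```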

