cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
373
Views
0
Helpful
2
Replies

Authentication with enable passwords and different privilege levels

plgingembre
Level 1
Level 1

Hi,

I'm trying to authenticate the CLI Access by using enable passwords (or secret, as you prefer). I'm not trying to do that for fun, but only because I had this during my CCIE exam...

By default, on the router, I had only one enable secret. The question was : "Add a privilege 5 secret "cisco5" and configure your router in a sort that, from the password you are typing, you are entering a different privilege level".

I've tried many configurations (including : aaa authentication default enable, aaa authentication enable default enable) and I don't know how to do that without creating local users.

My problem is not to allocate commands or rights to different privilege levels but really to allocate privilege level to a user who is only using an enable secret to authenticate.

If you have any suggestions...

Thanks.

--

Pierre-Louis

2 Replies 2

stevek
Level 1
Level 1

You just specify in the enable secret line?

SW10(config)#enable secret ?

0 Specifies an UNENCRYPTED password will follow

5 Specifies an ENCRYPTED secret will follow

LINE The UNENCRYPTED (cleartext) 'enable' secret

level Set exec level password

Hi,

Yes you could be right (and you are...), but you should type enable 5 to access privilege level 5. And unfortunately, your advice could be a good idea if the question did not mention a direct access to level 5 privilege... From the question I had, I think that there is a way to give privilege level to users when they authenticate on vty lines with enable secret.

But how ? That is the question...

Thank you.

Regards,

Pierre-Louis

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: