cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
30153
Views
25
Helpful
7
Replies

Not asking for enable password

chiragvyas_50
Level 1
Level 1

Hi,,,

I have 1800 cisco router. i have already set enable secret password for the router but while i access the router. it doesnt ask me for enable password and directly goes to privileged mode.

1 Accepted Solution

Accepted Solutions

It's because of the "privilege level 15" within the VTY configs.

View solution in original post

7 Replies 7

Pravin Phadte
Level 5
Level 5

Hi,

Can you paste the config for the password setting and line vty output.

Regards

Pravin

Hi,,,,,

Pravin, Pls find below my config file...

RLI_Veraval#sh run

Building configuration...

Current configuration : 2170 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname RLI_Veraval

!

boot-start-marker

boot-end-marker

!

logging buffered 51200 warnings

enable secret xxx

!

no aaa new-model

!

resource policy

!

ip cef

!

!

!

!

ip domain name yourdomain.com

username cisco privilege 15 secret xxx

!

!

!

interface Loopback0

ip address 97.x.x.171 255.255.255.255

!

interface FastEthernet0/0

description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-FE 0$

ip address 10.129.225.193 255.255.255.192

duplex auto

speed auto

!

interface FastEthernet0/1

no ip address

shutdown

duplex auto

speed auto

!

interface BRI0/0/0

no ip address

encapsulation hdlc

shutdown

!

interface Serial0/1/0

ip address 97.x.x.181 255.255.255.252

encapsulation ppp

!

interface Serial0/1/1

no ip address

shutdown

clock rate 2000000

!

ip route 0.0.0.0 0.0.0.0 97.11.9.182

!

ip http server

ip http access-class 23

ip http authentication local

ip http timeout-policy idle 60 life 86400 requests 10000

!

!

control-plane

!

banner login ^C

-----------------------------------------------------------------------

Cisco Router and Security Device Manager (SDM) is installed on this device.

This feature requires the one-time use of the username "cisco"

with the password "cisco". The default username and password have a privilege le

vel of 15.

Please change these publicly known initial credentials using SDM or the IOS CLI.

Here are the Cisco IOS commands.

username privilege 15 secret 0

no username cisco

Replace and with the username and password you want to use

.

For more information about SDM please follow the instructions in the QUICK START

GUIDE for your router or go to http://www.cisco.com/go/sdm

-----------------------------------------------------------------------

^C

!

line con 0

password cisco

login

line aux 0

line vty 0 4

privilege level 15

password cisco

login

transport input telnet

line vty 5 15

privilege level 15

password cisco

login

transport input telnet

!

scheduler allocate 20000 1000

end

RLI_Veraval#

It's because of the "privilege level 15" within the VTY configs.

Joseph W. Doherty
Hall of Fame
Hall of Fame

A couple of ways this could be happening, is there a "priviledge 15" within the VTY? Or, are you using AAA with RADIUS or TACACS which is putting the logon into enabled state?

Joseph Is correct.

remove the vty 0 4 privilege level 15 and

line vty 5 15 privilege level 15.

regards,

pravin

Garcias, I saw that in the running config that was (not aaa new-model) just enable

[SW-01 (config) #aaa new-mode] and done.

veevekraj
Level 1
Level 1

If you need enable password prompt for vty 0 4(telnet) then config is as below:-

 

#enable pass cisco

#enable secret cisco1

 

#username admin pass admin

#username cisco privilege 5 pass cisco

 

#line vty 0 4

   login local

   privilege  level 15

 

Telnet will ask for user and password. If you telnet through user admin then it will also ask for enable secret (not enable).

If you telnet with user cisco then it will not ask for enable password. So privilege level command in vty will not affect enable password.

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco