12-30-2008 10:45 AM - edited 03-06-2019 03:11 AM
I am applying certain security policies from given template such as
1. enable secret <password>
2. no enable password
Due to #2, I couldn't telnet into the device anymore. Is anything additional required.
12-30-2008 10:47 AM
Where does it fail when you try to telnet. You should be fine without the enable password but you still the password configured on the vty's.
Jon
12-30-2008 10:51 AM
you are probably getting the following, password required none set.
you need to set a line password
see the following:
12-30-2008 11:08 AM
I would like to correct my first post.
I can telnet into the device (Cat6500), but when I do 'enable' it says 'No password set'.
I believe the vty password is intact thats why I can successfully telnet into the device.
Can 'no enable password' remove the 'enable secret
12-30-2008 04:59 PM
Can 'no enable password' remove the 'enable secret
yes u need a enable passowrd.
12-30-2008 05:11 PM
Can 'no enable password' remove the 'enable secret
yes u need a enable passowrd.
Really?
R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#enable password cisco
R1(config)#do show run | i enable
enable password cisco
R1(config)#enable secret cisco123
R1(config)#no enable password
R1(config)#do show run | i enable
enable secret 5 $1$0Obq$Juq8Mz8QtkNdy0Y/V5x5Z1
R1(config)#exit
R1 con0 is now available
Press RETURN to get started.
R1>en
Password:
R1#sh run | i enable
enable secret 5 $1$0Obq$Juq8Mz8QtkNdy0Y/V5x5Z1
R1#
__
Edison.
12-30-2008 08:05 PM
I believe that Vishwamurti must have understood the original question much differently than Edison and I did.
Edison is quite right: the operation of enable password and of enable secret are entirely independent. Removing enable password will NOT remove enable secret. If the 6500 is giving an error about no enable password then the enable password was removed and there is no enable secret. Either the enable secret was overlooked in the original configuration or there was a keystoke error that produced a syntax error in the attempt to configure enable secret. But the generation of that error message indicates that neither the enable password nor the enable secret are configured.
HTH
Rick
12-19-2016 04:39 AM
The answer is that when you disable "enable password" after configure an "enable secret" you will just get access in line vty with SSH transport to achieve EXEC mode using enable secret. No telnet is permitted anymore after thus configuration. I think this kind of thing is to secure more strongly because "enable password" has a weak encryption.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: