I'm currently studying for my CCNA Security and have been toying around with AAA. I have an 851w with advsecurity 12.4 IOS.
What I have noticed, and find interesting, is that I seem to have one user configured locally, but it appears to have two passwords.
For instance, if I log in with SSH or telnet, I enter my username with password 'ABC' and I'm in. This account is privilege level 15. However, if I access the SDM, I must enter the same username with a different password, e.g. '1234'. If I enter the password 'ABC' which works for SSH and telnet, I am not granted access.
I was wondering if anyone can explain this? I have tried using the show aaa commands to see what is going on, but it doesn't seem to help. As I said, aaa is using the local database for its user database. Below is some config.
I have worked out that the SDM is using my enable secret for authentication as opposed to AAA.
I assume this is the default behaviour. Thanks JG for getting me thinking along these lines by looking at the debug aaa authentication and authorisation.
If you know whether it is possible to configure SDM to authenticate against SDM, I would be more than happy to know how to perform such a configuration. I'm searching for such a config on Google but not having much luck.
Again, thanks for pointing me in the right direction.
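An added example, not part of the original posts: a small Python check that reads a running-config and reports which credential source the IOS HTTP server (the service SDM connects to) uses. It relies on the IOS command `ip http authentication {enable | local | aaa}`, which defaults to `enable` when absent; the sample configs, the `<hash>` placeholders and the function name `audit_http_auth` are constructed for illustration.

```python
import re

# Constructed sample running-config fragments (not the poster's config).
SAMPLE_DEFAULT = """\
aaa new-model
aaa authentication login default local
enable secret 5 <hash>
username admin privilege 15 secret 5 <hash>
ip http server
ip http secure-server
line vty 0 4
 transport input telnet ssh
"""
# Same config with the HTTP server pointed at the local username database.
SAMPLE_LOCAL = SAMPLE_DEFAULT + "ip http authentication local\n"


def audit_http_auth(config: str) -> dict:
    """Report which credential source HTTP/HTTPS (SDM) logins are checked against."""
    lines = [line.strip() for line in config.splitlines()]
    # Exact matches, so "no ip http server" does not count as enabled.
    server_on = "ip http server" in lines or "ip http secure-server" in lines
    # With no explicit command, IOS checks HTTP logins against the enable password.
    http_auth = "enable"
    cli_methods = []
    for line in lines:
        m = re.match(r"ip http authentication (\S+)", line)
        if m:
            http_auth = m.group(1)
        m = re.match(r"aaa authentication login default (.+)", line)
        if m:
            cli_methods = m.group(1).split()
    return {
        "http_enabled": server_on,
        "http_auth": http_auth,      # what SDM logins use
        "cli_login": cli_methods,    # what telnet/SSH logins use (default list)
        # True when SDM would accept the enable secret instead of the user's password.
        "mismatch": server_on and http_auth == "enable",
    }


if __name__ == "__main__":
    for name, cfg in (("default", SAMPLE_DEFAULT), ("local", SAMPLE_LOCAL)):
        print(name, audit_http_auth(cfg))
```
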
We have configured the outside and inside interfaces with official IPv6 addresses, set a default route on the outside interface to our router, and we have also defined a rule, which also gets hits, to permit tcp from the inside interface to any6.
In Syslog I also se...