I have a
When I connect my console cable to the Access point it puts me direclty into
versus the username prompt.
I dont have the command 'login local' or 'login' like a switch or router does for vty/con/aux lines so just trying to find out how I can point line con 0 port of the wireless access point to use the local username database configured on the access point itself.
Solved! Go to Solution.
i have this running on a 1242AG with 12.3(8)JA2 and this setup is valid since 12.2.
username admin privilege 15 password 7 xxxxxxxxx
line con 0
line vty 0 4
transport preferred telnet
line vty 5 15
And im prompted a login screen.
This is the link to the command reference Guide for the AP. There are only the AP specific commands availiable. Also a list of non AP specific commands.
For the rest (non AP-specific) try this one here:
I hope that helps.
Btw, did you setup TACACS or RADIUS login? Then login might not be availiable.
Thanks for responding, TACACS is setup yes, but that is for wireless client logons. I wonder if that's part of my issue. I'll provide you with my full config script for you to review and let me know what you think.
The only way you're going to get the login to the local database, by default, is to add the login local on the con 0 like you would a router or swtich. The other thing you can do is type "login" at the > prompt and login that way.
I asked our guy onsite if he used the login command and he said he did. Also the login, and login local are not options on the line con 0 or vty.
sorry for the delay. Damn weekend.
Your config looks pretty good.
Username is defined, the tty and the local login (aaa authorization exec default local).
Hmmm, very strange.
Maybe you have configured the users wirelessadmin and clientadmin in the tacacs server?
Please let me know.
No problem at all Frank. Yea the wirelessadmin and clientadmin are configured locally. RADIUS is configured on the local wireless device. We have no external database for authenticating users. I think this is a user onsite that may be using the wrong commands to prompt them for username. I will update once I have him go back onsite and see if he can use the 'login' command to prompt him for username.
Here is the prompt he gets when he logs onto the console port.
Here is what I get after connecting and typ in ?
C i s c o S y s t e m s
% Invalid input detected at '^' marker.
% Access denied
Press RETURN to get
access-enable Create a temporary Access-List entry
clear Reset functions
connect Open a terminal connection
crypto Encryption related commands.
disable Turn off privileged commands
disconnect Disconnect an existing
dot11 IEEE 802.11 commands
enable Turn on privileged commands
exit Exit from the EXEC
help Description of the interactive help system
led LED functions
lock Lock the terminal
login Log in as a particular user
logout Exit from the EXEC
name-connection Name an existing network connection
ping Send echo messages
radius radius exec commands
release Release a resource
renew Renew a resource
resume Resume an active network connection
save Start to save raise_interrupt_level stack
set Set system parameter (not config)
show Show running system information
ssh Open a secure shell client connection
systat Display information about terminal lines
telnet Open a telnet connection
terminal Set terminal line parameters
traceroute Trace route to destination
tunnel Open a tunnel connection
where List active connections
At this point he has to know the Enable password to get in.
So I added the following lines and now it prompts him for username password.
line con 0
privilege level 15
login authentication default
aaa authentication login default local
My question now is, why do I need to have level 15? IF I remove it he only gets level 7 access and that's it.