Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Switch logon question

Hello,

I've configured this in the past where you have 2 users on a switch with different privileges:

username admin privilege 15 secret 5 $1$xhbN$3KuZkWG81

username users privilege 3 secret 5 $1$fW/K$I2fQEJRd7s5

When either account is used normally I would be put into privilege mode 15 or 3 and no need for the enable password.  At the moment i go into user exec mode on each (priv 1).

My VTY lines are like this:

line con 0

exec-timeout 60 0

logging synchronous

line vty 0 4

access-class 23 in

exec-timeout 60 0

logging synchronous

transport input ssh

line vty 5 15

access-class 23 in

no exec

transport input ssh

How can I get each user to go into their respective privilege views without the need for an enable passowrd?

Thanks

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Bronze

Re: Switch logon question

Do you have aaa-new model enabled?

If you don't, you need to add login local under the VTY lines.

If you have aaa-new model enabled, you need to add aaa authorization exec default local

I'm assuming these devices are not pointing to a AAA server?

3 REPLIES
Hall of Fame Super Bronze

Re: Switch logon question

Do you have aaa-new model enabled?

If you don't, you need to add login local under the VTY lines.

If you have aaa-new model enabled, you need to add aaa authorization exec default local

I'm assuming these devices are not pointing to a AAA server?

New Member

Re: Switch logon question

Great! that worked, silly me.

Switch logon question

Hi Andy ,

Do you have aaa configured ?

Dan

173
Views
0
Helpful
3
Replies
CreatePlease login to create content