Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

User access verification on switch or router

Hello,

What causes a router or switch to prompt for username and password when you vty as oppose to vty into switch and going straight to the enable password.  Whats commands make the user get prompt for username or password when vty into switch?

 

Thanks,

5 REPLIES
Hall of Fame Super Gold

You enable AAA.  So when you

You enable AAA.  So when you console and/or remotely access the appliance, you'll get prompted with a username, password and enable password.

 

Alternatively you can configure a static username/password:  

config t

 username <USERNAME> password <PASSWORD>

 enable secret <ENABLE PASSWORD>

 service password encryption

end

 

New Member

What commands do you use to

What commands do you use to configure aaa for been prompt for username and password?

 

Hall of Fame Super Gold

Go here and choose your the

Go here and choose your the choices base on the appliance model.

New Member

First you need to enable e

First you need to enable e AAA  when you want to remotely access the appliance,

no enable secret
no enable password
no username <User Name >
enable secret <password >
username admin privilege 15 secret <password >

tacacs-server host <Host IP>
tacacs-server directed-request
tacacs-server key <Key>

aaa new-model
aaa authentication login default group tacacs+ local line enable
aaa authentication enable default group tacacs+ enable
aaa authorization exec default group tacacs+ if-authenticated
aaa accounting exec default start-stop group tacacs+

aaa accounting commands <acces level num>default stop-only group tacacs+
aaa accounting system default stop-only group tacacs+
 

Alternatively you can configure a static username/password:

config t

username <USERNAME> password <PASSWORD>

enable secret <ENABLE PASSWORD>

service password encryption

end

 

Silver

when you just enable a

when you just enable a command "aaa new-model", all your lines except console start asking for username and password for authentication.

 

"Please rate helpful posts"

5201
Views
0
Helpful
5
Replies