Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
348
Views
0
Helpful
5
Replies

local authentication in switches

axfalk
Level 1
Level 1

‎02-17-2004 07:57 AM - edited ‎03-02-2019 01:38 PM

We're running Cat-2980's, 2950's and 6509's. We are looking for a way to have each technician to authenticate to these switches with their own credentials. So far, I have not been able to find any docs on it. Does anybody happen to know how to do that or refer me to a doc?

Thanks.

Labels:
0 Helpful
5 Replies 5

Georg Pauwen
VIP
VIP

‎02-17-2004 09:35 AM

Hello,

not sure if I understand what you are looking for. I guess you are looking for something else the TACACS or RADIUS, or simply local username/password authentication ?

Regards,

Georg

0 Helpful

axfalk
Level 1
Level 1
In response to Georg Pauwen

‎02-17-2004 10:04 AM

Yes, simply the local username/password authentication.

Thanks.

0 Helpful

konigl
Level 7
Level 7
In response to axfalk

‎02-17-2004 05:01 PM

For local usernames/passwords on each switch, the commands involved are:

(following example assumes username Donald, password Duck; and username Mickey, password Mouse)

service password-encryption

.

.

username Donald password Duck

username Mickey password Mouse

.

.

line vty 0 4

login local

line vty 5 15

login local

When you save the running-config, the passwords Duck and Mouse (as shown above) will be encrypted.

Anyone who needs to be able to make configuration changes, etc. in privileged or enable mode will need to know your enable password or enable secret (password).

If you have lots of access switches, or are going to change passwords periodically, you should look into the RADIUS or TACACS server. It's easier to maintain long-term, although it's a little more involved to set up at first. If you have Windows 2000 or 2003 Server, you can use Microsoft's Internet Authentication Service (IAS) which is RADIUS server software included with the operating system. Link it to your Active Directory, and your network logon usernames and passwords can double as switch usernames and passwords.

Hope this helps.

0 Helpful

Georg Pauwen
VIP
VIP
In response to axfalk

‎02-18-2004 12:15 AM

Hello,

if you have CatOS on your switches, you can use the command:

set localuser

to define username and password pairs to access your switches.

Check this link for the command syntax:

http://www.cisco.com/en/US/products/hw/switches/ps708/products_command_reference_chapter09186a00801dd5e3.html#13666

Regards,

GP

0 Helpful

axfalk
Level 1
Level 1
In response to Georg Pauwen

‎02-27-2004 12:53 PM

Thanks much to all you guys. I was able to find the "set localuser" command on the Cat-6506's but not on Cay-2980G's; - how do you define a user on those?

Thanks again.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents