Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

local authentication in switches

We're running Cat-2980's, 2950's and 6509's. We are looking for a way to have each technician to authenticate to these switches with their own credentials. So far, I have not been able to find any docs on it. Does anybody happen to know how to do that or refer me to a doc?

Thanks.

5 REPLIES
VIP Purple

Re: local authentication in switches

Hello,

not sure if I understand what you are looking for. I guess you are looking for something else the TACACS or RADIUS, or simply local username/password authentication ?

Regards,

Georg

New Member

Re: local authentication in switches

Yes, simply the local username/password authentication.

Thanks.

Gold

Re: local authentication in switches

For local usernames/passwords on each switch, the commands involved are:

(following example assumes username Donald, password Duck; and username Mickey, password Mouse)

service password-encryption

.

.

username Donald password Duck

username Mickey password Mouse

.

.

line vty 0 4

login local

line vty 5 15

login local

When you save the running-config, the passwords Duck and Mouse (as shown above) will be encrypted.

Anyone who needs to be able to make configuration changes, etc. in privileged or enable mode will need to know your enable password or enable secret (password).

If you have lots of access switches, or are going to change passwords periodically, you should look into the RADIUS or TACACS server. It's easier to maintain long-term, although it's a little more involved to set up at first. If you have Windows 2000 or 2003 Server, you can use Microsoft's Internet Authentication Service (IAS) which is RADIUS server software included with the operating system. Link it to your Active Directory, and your network logon usernames and passwords can double as switch usernames and passwords.

Hope this helps.

VIP Purple

Re: local authentication in switches

Hello,

if you have CatOS on your switches, you can use the command:

set localuser

to define username and password pairs to access your switches.

Check this link for the command syntax:

http://www.cisco.com/en/US/products/hw/switches/ps708/products_command_reference_chapter09186a00801dd5e3.html#13666

Regards,

GP

New Member

Re: local authentication in switches

Thanks much to all you guys. I was able to find the "set localuser" command on the Cat-6506's but not on Cay-2980G's; - how do you define a user on those?

Thanks again.

160
Views
0
Helpful
5
Replies