Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
486
Views
0
Helpful
6
Replies

Password attempts

amansoi_5
Level 1
Level 1

‎12-19-2005 12:17 AM - edited ‎03-03-2019 11:15 AM

We have cisco 1751 router in which we have configured username & pssword but no login local command has been entered in line vty 0 4.

When we try to login into router, everytime , it asks for username followed by password . We are able to enter into router.

Secondly, after we enter this, we issue enable command. Then it asks for secret password. If in first attempt we fail to enter correct password, router comes at > prompt without asking for two more attempts.

Can somebody tell where is the problem ..?

Labels:
0 Helpful
6 Replies 6

Georg Pauwen
VIP
VIP

‎12-19-2005 12:56 AM

Hello,

can you post the configuration of your VTY lines ? I am not really clear on how you can access the router without the ´login´ command on the VTY lines.

The default login delay is 1 second, you might want to explicitly set that vale with the command ´login delay 1´ (you need IOS 12.3(4)T for that).

You also might want to check this document, which contains information on IOS login enhancements, one of which might be configured on your router:

Cisco IOS Login Enhancements

http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_4/gt_login.htm#wp1061591

Regards,

GP

0 Helpful

amansoi_5
Level 1
Level 1
In response to Georg Pauwen

‎12-19-2005 05:15 AM

please find the config

Preview file
4 KB
0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to amansoi_5

‎12-19-2005 07:21 AM

Aman

I have looked at the config that you posted and believe that I understand what is happening. You do not have login local configured on the vty lines. But you have enabled aaa new-model. I believe that the aaa implementation is defaulting to login local as the default behavior and is prompting for user name and password. I believe that if you attempt to configure login local on the vty at this point that you would get an error. If you want to verify this you could configure no aaa new-model. This should allow you to configure login local on the vty lines.

Also while it is normal to give three chances to enter the user level password it is normal to have only a single chance for the enable password. If you enter an incorrect password, it is normal to get the error message and to have to enter the enable command again for another attempt.

HTH

Rick

HTH

Rick
0 Helpful

Georg Pauwen
VIP
VIP
In response to amansoi_5

‎12-19-2005 07:28 AM

Hello,

which password are you trying, the one configured with ´enable´, or the one configured with ´enable secret´ ? The ´enable secret´ has precedence, I would take the ´enable password´ out alltogether, since it has no use. Can you try and remove the ´enable password´ and check if your problem persists ?

Regards,

GP

0 Helpful

amansoi_5
Level 1
Level 1
In response to Georg Pauwen

‎12-19-2005 09:39 PM

Sir ,

I was unable to enter login local on line vty . only option available was login authentication...

i have removed aaa new-model.login local is coming on vty.

Secondly, after i have done this , iam getting option of entering enable secret password three times if it is entered first two times wrongly.

i have also removed enable pasword.

It is working fine.

thanks...

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to amansoi_5

‎12-20-2005 06:28 AM

Aman

I am glad that we were able to help solve your problem.

Thanks for posting back to the forum and indicating what action resolved the issue. It helps make the forum more helpful when people do post back indicating what solution worked for them.

HTH

Rick

HTH

Rick
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card