12-19-2005 12:17 AM - edited 03-03-2019 11:15 AM
We have cisco 1751 router in which we have configured username & pssword but no login local command has been entered in line vty 0 4.
When we try to login into router, everytime , it asks for username followed by password . We are able to enter into router.
Secondly, after we enter this, we issue enable command. Then it asks for secret password. If in first attempt we fail to enter correct password, router comes at > prompt without asking for two more attempts.
Can somebody tell where is the problem ..?
12-19-2005 12:56 AM
Hello,
can you post the configuration of your VTY lines ? I am not really clear on how you can access the router without the ´login´ command on the VTY lines.
The default login delay is 1 second, you might want to explicitly set that vale with the command ´login delay 1´ (you need IOS 12.3(4)T for that).
You also might want to check this document, which contains information on IOS login enhancements, one of which might be configured on your router:
Cisco IOS Login Enhancements
Regards,
GP
12-19-2005 05:15 AM
12-19-2005 07:21 AM
Aman
I have looked at the config that you posted and believe that I understand what is happening. You do not have login local configured on the vty lines. But you have enabled aaa new-model. I believe that the aaa implementation is defaulting to login local as the default behavior and is prompting for user name and password. I believe that if you attempt to configure login local on the vty at this point that you would get an error. If you want to verify this you could configure no aaa new-model. This should allow you to configure login local on the vty lines.
Also while it is normal to give three chances to enter the user level password it is normal to have only a single chance for the enable password. If you enter an incorrect password, it is normal to get the error message and to have to enter the enable command again for another attempt.
HTH
Rick
12-19-2005 07:28 AM
Hello,
which password are you trying, the one configured with ´enable´, or the one configured with ´enable secret´ ? The ´enable secret´ has precedence, I would take the ´enable password´ out alltogether, since it has no use. Can you try and remove the ´enable password´ and check if your problem persists ?
Regards,
GP
12-19-2005 09:39 PM
Sir ,
I was unable to enter login local on line vty . only option available was login authentication...
i have removed aaa new-model.login local is coming on vty.
Secondly, after i have done this , iam getting option of entering enable secret password three times if it is entered first two times wrongly.
i have also removed enable pasword.
It is working fine.
thanks...
12-20-2005 06:28 AM
Aman
I am glad that we were able to help solve your problem.
Thanks for posting back to the forum and indicating what action resolved the issue. It helps make the forum more helpful when people do post back indicating what solution worked for them.
HTH
Rick
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide