11-24-2010 08:03 PM - edited 03-10-2019 05:36 PM
Hi ...
Just setup Cisco 7606 Router by console with IOS version s72033-advipservicesk9_wan-mz.122-33.SRA3.bin.
username xxxx password 7 xxxxxxxx
aaa new-model
aaa authentication login default group tacacs+ local
aaa authentication enable default group tacacs+ enable
aaa authorization commands 1 default group tacacs+ none
aaa authorization commands 15 default group tacacs+ none
aaa accounting exec default start-stop group tacacs+
aaa accounting commands 1 default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+
aaa accounting network default start-stop group tacacs+
aaa accounting connection default start-stop group tacacs+
aaa accounting system default start-stop group tacacs+
I missed enter tacacs ip address and enable secret password. After the console window is log out, I try to enter privilege mode but failed and get following error:
7606-Router>en
% Error in authentication
Please advice how to enter the privilege mode of router.
Thanks in advance.
11-25-2010 12:13 AM
Hi,
Since you missed tacacs ip address and enable secret password, things are not looking good. As you have configured LOCAL as fallback method but can't use because if 7600 will try three times to contact the Tacacs server (since no ip for tacacs), after three tires it will fall back to local.
Now if you try with local user, again we don't have the enable password defined so it will give this error message. i guess if you have not saved the config, try to reload the device :-(.
Vinay
11-25-2010 12:25 AM
Hi Vinay,
Thanks for respond. Unfortunately the config has been saved, reloading the router is not helping
Thanks
11-25-2010 01:06 AM
Hi,
In this case the only option to change or modify the config is bypassing the running config during router bootup. Please check the link to do the same.
http://www.cisco.com/en/US/docs/security/fwsm/fwsm31/configuration/guide/troubl_f.html#wp1049302
and
Hope this will help.
Vinay
11-25-2010 03:03 AM
I tried by changing the config register to 0x2142 value from the rommonitor mode and restarting the router but it again asking for username and password combination.
11-25-2010 04:27 AM
Hi Gilang,
have to tried the first link which explains the steps for "Clearing the Application Partition Passwords and AAA Settings" which tells how to recover/remove aaa/enable password?
Vinay
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide