On ASA 5520 device enable password is not getting changed

ramkumar-n
Level 1

Hi,

I tried to change the password on the ASA 5520 device and it's not getting changed.

FW(config)#  enable password cisco1234
(config)# end

After that I performed a write memory.

But somehow when I log in again, the enable password still remains the old enable password.

Version: 7.2(5)2.

Please advise further.

Accepted Solutions

Are you using an external AAA server for your enable password by chance?

5 Replies

Maykol Rojas
Cisco Employee

Hi,

Can you log all session output from PuTTY to see exactly what you are doing?

Mike.

Are you using an external AAA server for your enable password by chance?

Yes, I configured the AAA, but it is not connected to the production network and the device is still on console access only.

Even though I have removed the AAA config and changed the password, it is not getting changed.

FW(config)# sh run | in aaa

aaa-server TACACS+ protocol tacacs+
aaa-server RADIUS protocol radius
aaa-server NET protocol tacacs+
aaa-server NET (production) host xxxx
aaa-server NET (production) host xxxx
aaa-server LAB protocol radius
aaa-server LAB (production) host xxxx
aaa-server LAB (production) host xxxx
aaa-server LAB (production) host xxxx
aaa-server LAB (production) host xxxx
aaa authentication http console NET LOCAL
aaa authentication telnet console NET LOCAL
aaa authentication serial console NET LOCAL
aaa authentication enable console NET LOCAL
aaa authentication ssh console NET LOCAL
aaa authentication match al_authen_production production LAB
aaa authentication secure-http-client
aaa authentication listener https production port https redirect

FW(config)# sh  run | inc passw

enable password zzOH75k2VubYkuLV encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
username admin password I1Wp85eDzWVv4s5U encrypted

FW(config)# passwd cisco1234

FW(config)# show run | inc passw

enable password zzOH75k2VubYkuLV encrypted
passwd zzOH75k2VubYkuLV encrypted   -----------> I'm able to see the encrypted text getting changed
username admin password I1Wp85eDzWVv4s5U encrypted

What happens when you remove the AAA line for enable access?

Ex:

no aaa authentication enable console NET LOCAL

Are you sure your AAA servers are all down? Use the command 'show aaa-server'.

How is your reactivation mode configured?

Thanks,

Brendan
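
An added example (not part of any reply in this thread): a small Python check that reads `show run` lines like those posted above and reports whether `enable` access is decided by an AAA method list or by the local `enable password` alone. The function name and sample text are constructed for illustration; treating identical `encrypted` strings on the `enable password` and `passwd` lines as the same plaintext is an assumption consistent with the output posted above.

```python
import re

# Constructed sample: lines copied from the thread's `show run` excerpts.
SAMPLE_CONFIG = """\
aaa-server NET protocol tacacs+
aaa-server NET (production) host xxxx
aaa authentication serial console NET LOCAL
aaa authentication enable console NET LOCAL
aaa authentication match al_authen_production production LAB
enable password zzOH75k2VubYkuLV encrypted
passwd zzOH75k2VubYkuLV encrypted
username admin password I1Wp85eDzWVv4s5U encrypted
"""

# "aaa authentication <access-type> console <method> [<method> ...]"
AAA_AUTH = re.compile(r"^aaa authentication (\S+) console (.+)$")
# Local secrets stored in the configuration: "enable password" and "passwd"
SECRET = re.compile(r"^(enable password|passwd) (\S+) encrypted$")


def audit_enable_auth(config_text):
    """Report what decides `enable` access in an ASA config excerpt (hypothetical helper)."""
    methods = {}  # access type -> ordered method list, e.g. ["NET", "LOCAL"]
    hashes = {}   # "enable password" / "passwd" -> stored hash string
    for raw in config_text.splitlines():
        line = raw.strip()
        m = AAA_AUTH.match(line)
        if m:
            methods[m.group(1)] = m.group(2).split()
            continue
        m = SECRET.match(line)
        if m:
            hashes[m.group(1)] = m.group(2)
    enable_methods = methods.get("enable", [])
    enable_hash = hashes.get("enable password")
    return {
        # Method list consulted when a user types `enable`
        "enable_methods": enable_methods,
        # True only when no AAA line covers enable access
        "enable_password_is_sole_check": not enable_methods,
        # Assumption: equal stored strings here mean equal plaintext
        "same_hash": enable_hash is not None and enable_hash == hashes.get("passwd"),
    }


if __name__ == "__main__":
    for key, value in audit_enable_auth(SAMPLE_CONFIG).items():
        print(f"{key}: {value}")
```

On the sample, the stored `enable password` already matches the newly set `passwd`, while `enable` access is still routed through the `NET LOCAL` method list; with the `aaa authentication enable console` line removed, the local `enable password` is the only check left.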
