Solved: passwd vs enable password on Cisco ASA

Dean Romanelli · ‎10-23-2014

Hi All,

I am rolling out new ASA configs network wide with a read only account & a read-write account. Both the login and enable passwords are different for each account, and I have successfully set up the usernames and enable passwords at their appropriate levels. However, I also see the "passwd" command, and this doesn't give the option to specify an account level, meaning there can only be 1 "passwd."

Is this command ignored if enable passwords are in effect?

Vibhor Amrodia · ‎10-23-2014

Hi,

You need to understand that this password is specific to the Telnet service on the ASA device only.

If you want this to be specific to usernames created with different privileges on the ASA device , you can authenticate the TELNET connections as well using the AAA LOCAL authentication.

aaa authentication telnet console LOCAL

Thanks and Regards,

Vibhor Amrodia

View solution in original post

Vibhor Amrodia · ‎10-23-2014

Hi,

You need to understand that this password is specific to the Telnet service on the ASA device only.

If you want this to be specific to usernames created with different privileges on the ASA device , you can authenticate the TELNET connections as well using the AAA LOCAL authentication.

aaa authentication telnet console LOCAL

Thanks and Regards,

Vibhor Amrodia

Dean Romanelli · ‎10-24-2014

Understood. Thank you Vibhor.