05-24-2021 08:45 AM
Does anyone have experience with new 8300 series Edge platform routers. I have two new 8300's that I was about to put into production when I discovered that my console password was not working properly. The particular password that I set on the device was 17 characters in length. I set the same password for the local user account and my enable secret. The password works properly when using the local credentials for a vty session, however, when trying to use the same local credentials for a console connection it fails. Similarly, the enable secret password works properly in a vty session but not in a console session. Has anyone experienced this? Any ideas? I am currently running Amsterdam 17.3.3 on this device. I upgraded the other to Bengalaru 17.5.1a, problem still exists. Trying to determine if this is a hardware issue or software; I have numerous 4K's in my environment that do not have this issue running on 17.3.3
05-24-2021 08:55 AM
how about using below command :
aaa common-criteria policy
min-length 15 << Cisco IOS XE router enforces a minimum password length of "15" characters.
05-24-2021 02:14 PM
Additional information. I completely reset the device, performed write erase and reload. After coming up with no config I configured just minimal configuration to establish IP connectivity via a VTY session. (See below)
!
username localuser privilege 15 secret 15CharacterP@ss
enable secret 15CharacterP@ss
no enable password
!
line con 0
login local
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login local
transport input ssh
!
After establishing a VTY session I could successfully disconnect and reconnecting using the local user and 15 character password. Additionally I could exit out of enable mode and return to enable mode using the 15 character password. Same for console session, could logout and login and also exit enable mode and re-enter enable mode. No problem with 15 character password.
Then I used a 16 character password (see below)
!
username localuser privilege 15 secret 16CharacterP@ss!
enable secret 16CharacterP@ss!
no enable password
!
Tested same actions again after reconfiguring the local user and enable secret to use the 16 character password. The results are successful on a VTY session but fail on console session.
I've tried the same on multiple versions of code 17.3.2, 17.3.3, and also 17.5.1a.
09-30-2023 05:34 AM
I’m having same issue. Did you ever get this issue resolved?
09-30-2023 12:15 PM
09-30-2023 11:57 AM
Hello
rpidcock@bankrcb.net wrote:
Additional information. I completely reset the device, performed write erase and reload. After coming up with no config I configured just minimal configuration to establish IP connectivity via a VTY session. (See below)
username localuser privilege 15 secret 15CharacterP@ss
enable secret 15CharacterP@ss
no enable password
Apply the following:
password encryption aes
username localuser privilege 15 algorithm-type scrypt secret xxxxx
aaa authentication login default local
aaa authorization console
aaa authorization exec default local if-authenticated
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide