Hi Mathew,

I would try a IOS upgrade.

What IOS/hardware are you using ?

Dan

Did you try it like this:

sw-test(config)#
sw-test(config)#user emgi privilege 15 password cisco
sw-test(config)#
sw-test(config)#lin vty 0 4
sw-test(config-line)#login ?
  local   Local password checking
  tacacs  Use tacacs server for password checking
 

sw-test(config-line)#login local
sw-test(config-line)#^Z

User Access Verification

Username: emgi
Password:
sw-test#sh priv
Current privilege level is 15
sw-test#

System image file is "flash:c2950-i6q4l2-mz.121-22.EA2.bin" (Ancient!)

Hello,

I have a switch model Cisco Catalyst 3550 48 SMI Switch i have uploaded 12.2.44.SE(6) ED the latest uptill date,  The switch model number is 3550 48 SMI and i have uploaded the IOS 12.2.44.SE(6) EMI The software is uploaded successfully with no errors but still i have same issue,Is it the switch is supported with the above software How i will come to know.

The  Feature Navigator shows me the image as in the attached, but the image is too old,Can anybody confirm me the image ihave installed is perfect.

Thanks

,

Hi Estela,

ok... I don't have this particular device but why not try least painful way. If it doesn't break your security policy why not enable aaa like this:

aaa new-model

aaa authentication login VTYLOGIN local

aaa authorization exec VTYLOGIN local

line vty 0 4

login authentication VTYLOGIN

authorization VTYLOGIN

It will solve your problem, OK it doesn't solve original issue... but it will work and you will not see any diference

Tomas

I have login local enable also after upgrading to latest new IOS the issue is same i have been asked for the enable secret for the privilege 15 user.

Thanks

Hi estela,

Try this commands if you still have the problem:

S(config)#username TELNET priviledge 15 secret cisco

S(config)#line vty 0 15

S(config-line)#login local

S(config-line)#priviledge level 15

S(config-line)#end

Hope this will help

Eugen

Certainly helps, just that all the users authenticating via ssh / line VTY 0 5 or 5 to 15 whatever is activated gets  a privilege 15 access, and is not going to be prompted for enable password.

Test this by adding two new users, with different privileges: 0 and 15, for either or there will be prompt for enable password.  

If this is for test purposes this will work, if is not compliant with you policy there should be some more work on aaa  new-mode and radius server if that is something that you use as authentication means.

Although this is a very old thread I will post my answer for the benefit of anyone looking through this.

This post by ebarticel explain the cause of the issue you are having. In your config you have,

enable secret 5 $1$P92y$/qnN50lCrnBAJJgIW1blc0
enable password 7 095B4F1A0D0000131F09160B

username hoswitch password 7 xxxx
username cwlms privilege 15 password 7 xxx
username admin privilege 15 password 7 xxx

So the device will prompt for enable secret.

As sugested use the following syntax,

username username privilege 15 secret password

Eg;

username admin privilege 15 secret cisco