Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1315
Views
0
Helpful
2
Replies

9200L - User Accounts

AKDIT74359217
Level 1
Level 1

‎08-20-2019 09:26 PM

Hi, We've just recieved a batch of 9200L and i'm going through the configuration. The configuration is setup and working well, I was just wondering if someone could assist with the user accounts part of the product. 

One our old swiches, we used to run:

enable password 0 enablepass
username switchadmin password 0 readonlypass

I've updated this on the 9200L to beSwitching,

enable secret 0 enablepass
username switchadmin secret 0 readonlypass

which works well. I can SSH to the switch and the logon works as expected. but on the old 2960X units, i used to be able to log in whit the username "switchadmin" and the "enablepass". On the 9200, i can log in with "switchadmin" and "readonlypass", but have access to limited information.

 

What is the correct way to do the login for theses going forward? Ideally I would like to have a login that works on SSH and web, but alternatively, happy to have an SSH and then a "webadmin" user that doesn't have SSH ability.

Labels:
0 Helpful
2 Replies 2

Giuseppe Larosa
Hall of Fame
Hall of Fame

‎08-23-2019 12:49 AM

Hello ,

if you want full privilege access in SSH you need

 

line vty 0 4

login privilege level  15

line vty 5 15

login privilege level 15

 

and you add the privilege level 15 in one of two ways:

a) add a separate line

username switchadmin privilege level 15

 

b) try to add at the end of the line

username switchadmin secret 0 readonlypass privilege level 15

 

the secret is preferred over password exactly as enable secret is preferred over enable password.

 

Hope to help

Giuseppe

 

0 Helpful

AKDIT74359217
Level 1
Level 1
In response to Giuseppe Larosa

‎08-25-2019 03:23 PM

thanks for this. If i use username switchadmin secret 0 readonlypass privilege level 15 wont that give the user with "readonlypass" full access?

 

We used to have to login with the username "switchadmin" and pass "readonlypass" and then run "enable" with the "enablepass"

 

If that still considered best practice? What I have works from a SSH point of view, but the web interface doesn't seem to work with the "enablepass" (used to on the 2960X).

 

Or, should I create another user for the web interface so that we keep them seperate (and if so, how do we prevent the web user from using SSH?)

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card