
Basic 3850 Management port and remote SSH access with Local User auth!

vodafonegsmart
Level 1

Hi guys,

I'm really struggling to get this working.

I just want remote SSH to my 3850 switch via its management interface, yet I can't get it to use damn local authentication no matter what.

The Cisco docs appear wrong as the commands just don't work.

I have set an IP on my g0/0 interface.

I can SSH to it, enter my user and password and it just doesn't let me in.

I put these commands in, but it still doesn't work.

aaa new-model
!
!
aaa authentication login default local
aaa authorization exec default local
aaa authorization network default local

I created a username password for Priv 15.

What am I doing wrong?

I just see these lines in the console:

*Mar 30 05:31:22.402: AAA/AUTHEN/LOGIN (00000FB5): Pick method list 'default'
*Mar 30 05:31:25.376: AAA/AUTHEN/LOGIN (00000FB5): Pick method list 'default'
*Mar 30 05:31:30.735: AAA/AUTHEN/LOGIN (00000FB5): Pick method list 'default'

It lets me log in with the "admin" user, just not one that I create.

Thanks

g

6 Replies

apasillas
Level 1

You need the vty lines

conf t

line vty 0 4
 login local
 transport input ssh

http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2960/software/release/12-2_53_se/configuration/guide/2960scg/swauthen.html#wp1227177

Yep, they are there too.

I can log in as mentioned with the "admin" username. Just can't log in with any other username I make?

Can you upload the full code please? You can erase interfaces and that stuff.

I think that's by default and by design; btw admin is the username, what's the password?

Robert Falconer
Level 1

If you just want to use local auth, you shouldn't need any AAA settings.

Configuring vty with 'login local' is enough. I use it in my lab.

username xxxxxxxx privilege 15 password 7 xxxxxxxxxxxxxxxx
no aaa new-model

line vty 0 4
 password 7 xx
 login local
 transport input ssh
line vty 5 15
 password 7 xx
 login local
 transport input ssh
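
Added example, not code from any poster in this thread: a small Python audit that reads a saved running-config and reports which authentication source each vty range actually uses, covering both setups posted above (with and without `aaa new-model`). The sample config is constructed, and the user `labuser` and the function names `vty_blocks` and `audit` are hypothetical.

```python
import re

# Constructed sample mixing settings posted in this thread; not a real device config.
SAMPLE_CONFIG = """\
aaa new-model
aaa authentication login default local
username labuser privilege 15 password 7 0000000000
line vty 0 4
 login local
 transport input ssh
line vty 5 15
 transport input telnet ssh
"""

def vty_blocks(config):
    """Map each 'line vty' range to the list of its indented sub-commands."""
    blocks, current = {}, None
    for raw in config.splitlines():
        head = re.match(r"line vty (\d+(?: \d+)?)\s*$", raw)
        if head:
            current = blocks.setdefault(head.group(1), [])
        elif raw.startswith(" ") and current is not None:
            current.append(raw.strip())
        else:
            current = None  # any non-indented line ends the vty block
    return blocks

def audit(config):
    """Return findings about how vty logins are authenticated and transported."""
    cmds = [line.strip() for line in config.splitlines()]
    aaa = "aaa new-model" in cmds  # 'no aaa new-model' does not match
    lists = {c.split()[3]: c.split()[4:] for c in cmds if c.startswith("aaa authentication login ")}
    findings = []
    for c in cmds:
        user = re.match(r"username (\S+) .*\bpassword\b", c)
        if user:
            findings.append(f"user {user.group(1)}: 'password' is cleartext or reversible type 7, use 'secret'")
    for rng, sub in vty_blocks(config).items():
        if "transport input ssh" not in sub:
            findings.append(f"vty {rng}: transport input is not restricted to ssh")
        if aaa:  # with AAA enabled the login method list decides, not the line
            name = next((s.split()[2] for s in sub if s.startswith("login authentication ")), "default")
            if "local" not in lists.get(name, []):
                findings.append(f"vty {rng}: method list '{name}' does not include local")
            if "login local" in sub:
                findings.append(f"vty {rng}: 'login local' is superseded by method list '{name}'")
        elif "login local" not in sub:
            findings.append(f"vty {rng}: no 'login local', local usernames are not used")
    return findings
```

Running `audit()` over the output of `show running-config` saved to a file gives one finding per line that weakens or changes the intended local-auth SSH setup.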

 
