03-19-2018 10:44 AM - edited 03-08-2019 02:19 PM
Hi Folks,
We have this Cisco 3550 facing the Internet. I have done a recovery on it by reverting t o factory default because there was service password recovery enabled. after re-configuring the Switch and setting enable secret pass, it doesn't allow login with correct password again!? - it did not have problem with normal enable pass but enable secret doesn't allow login through console or telnet.
line con 0
privilege level 15
password 7 xxxxxxxxxxxxxxx
logging synchronous
transport output all
line vty 0 4
privilege level 15
password 7 xxxxxxxxxxxxxxxxxxxxx
logging synchronous
transport input all
transport output all
line vty 5 15
privilege level 15
password 7 xxxxxxxxxxxxxxxxxxxx
transport input all
transport output all
Any suggestion please?
Best Regards,
Masood
03-19-2018 11:13 AM
Hi,
Can you try:
no enable password
and then
enable secret ....
HTH
03-19-2018 11:30 AM
03-19-2018 12:17 PM
the fact is that I cannot get in at all and i must reset the switch to factory default gain and set new password BUT, I believe that I will face same situation again. the question is why this 3550 is acting up like this?
this is the aaa cmds I have in there:
hostname xxxxx-xxx
!
enable secret 5 $1$o2Dg$vvdam/UDA6lt5PUPQ1AaB0
enable password 7 xxxxxxxxx
!
username xxxx privilege 15 password 7 xxxxxxxxxxxxxxxx
aaa new-model
!
!
aaa authentication login default enable
!
03-19-2018 02:13 PM
Maybe something went wrong during the password recovery. Try doing it again and make sure you wipe the config during recovery, so you can hopefully access it again. If none of these work, you may want to open a tac case if you still have a service contract on the switch.
HTH
03-19-2018 03:18 PM
03-27-2018 01:49 PM
Hi Reza,
it seems that I need to reset this Switch again just to make sure nothing had gone wrong during password rest.
question?
when i type only "login" under console and VTY lines, that means It will use what ever passwords that are set under con 0 and lines, correct?
on the other hand, if I type " login Local", means use the enable secret password (if set), correct?
I am just trying to see if my understanding is correct. of course for enable secret one must have these two commands in teh absence of a AAA server:
aaa new-model
!
aaa authentication login default enable
!
aaa session-id common
please advise,
Regards,
Masood
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide