cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1681
Views
0
Helpful
7
Replies

Cisco 4500x password length

Pascal Lacroix
Beginner
Beginner

Hi,

 

i have a Cisco 4500X-16 with IOS-XE 15.2(4)E5

 

The maximum password length is 26 characters. Does anyone knows how to increase this value in combination with aaa?

 

I don't have this issue with IOS-XE 15.2(3)E2

 

regards,

Pascal

7 Replies 7

Georg Pauwen
VIP Master VIP Master
VIP Master

Hello,

 

I think you can set this under the common criteria policy:

 

aaa common-criteria policy policy-name

max-length number

Hi George,

 

i have already tried that, but that doesn't work.

 

 

regards,

Pascal

Hello,

 

what is the output of 'show aaa common-criteria policy name policy-name '

 

Does it work when you define a user as below:

 

username username common-criteria-policy policy-name password password

How did you configure this is IOS-XE 15.2(3)E2 ? Are you running the same license now as in IOS-XE 15.2(3)E2 ?

i didn't need to configure this for IOS-XS 15.2(3)E2. It just works.

 

License 152-4.E5:

License Information for 'WS-C4500X-16'
License Level: entservices Type: Permanent Right-To-Use

 

License 15.2(3)E2:

License Information for 'WS-C4500X-16'
License Level: entservices Type: Permanent

i have configured a username attachted to a policy, but that doesn't work.

username test common-criteria-policy test password xxx

 

 

#sh aaa common-criteria policy all
=======================================================
Policy name: test
Minimum length: 1
Maximum length: 127
Upper Count: 0
Lower Count: 0
Numeric Count: 0
Special Count: 0
Number of character changes 4
Valid forever. User tied to this policy will not expire
=======================================================

This is the message i receive back when i log in with a password more then 26 characters:

 

username/password incorrect: EOF received from remote side [Unknown cause]

 

 

Dear all,

 

I have the same problem on a 4500X running IOS 15.2(6)E.

We use TACACS+ with Cisco ACS and some of our static management system users have more than 25 characters in their password.

They can't login to the switch, but there is also no failed message on the Cisco ACS for this login.

 

Is this max number of 26 characters also in use for TACACS+ users? And if yes, is it possible to increase this?

 

Thanks!

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers