Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4761
Views
0
Helpful
3
Replies

Enable or No Enable

Go to solution
Infuscomus
Level 1
Level 1

‎07-06-2017 06:07 AM - edited ‎03-08-2019 11:13 AM

I have come across 3 different CISCO devices (SW, FW and Router) which have a login system like the following:

One device requires username / password, then enable password.

Second device requires username / passwword and En is blank (pressing enter when En password is required works)

Third device requires username / password and directly enters En mode.

I want to make some order in this chaos, so that every device requires a separate En password (and maybe remove it from 1st one).

Can anyone explain what would be the best way to do this ?

Basically, I want to change the devices as following: The first device to directly enter En mode (like the 3rd does currently), the 3rd to ask for En password (like 1st one does) and the 2nd one to actually have a non-blank password (for this one I think I just have to set it and it should be fine).

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Georg Pauwen
VIP
VIP

‎07-06-2017 12:17 PM

Hello,

the below will log you into exec mode directly without asking for authentication and authorization:

line con 0
 privilege level 15
line aux 0
 privilege level 15
line vty 0 15
 privilege level 15

The below will ask for username and password, then for 'enable' password:

enable password cisco
!
username test privilege 7 password 0 cisco
!
aaa new-model
aaa authentication login default group tacacs+ local
aaa authorization exec default group tacacs+ local

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Julio E. Moisa
VIP
VIP

‎07-06-2017 10:07 AM

Hi

I recommend to use enable secret <password>, it is like other security layer.  Is good idea to have a document (in Excel could be) with basic configuration to have a standard.




>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<
0 Helpful

Go to solution
Georg Pauwen
VIP
VIP

‎07-06-2017 12:17 PM

Hello,

the below will log you into exec mode directly without asking for authentication and authorization:

line con 0
 privilege level 15
line aux 0
 privilege level 15
line vty 0 15
 privilege level 15

The below will ask for username and password, then for 'enable' password:

enable password cisco
!
username test privilege 7 password 0 cisco
!
aaa new-model
aaa authentication login default group tacacs+ local
aaa authorization exec default group tacacs+ local

0 Helpful

Go to solution
Infuscomus
Level 1
Level 1
In response to Georg Pauwen

‎07-10-2017 01:55 AM

Thanks, I remember it now.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card