Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
6391
Views
0
Helpful
3
Replies

Enable or No Enable

Go to solution
Infuscomus
Level 1
Level 1

‎07-06-2017 06:07 AM - edited ‎03-08-2019 11:13 AM

I have come across 3 different CISCO devices (SW, FW and Router) which have a login system like the following:

One device requires username / password, then enable password.

Second device requires username / passwword and En is blank (pressing enter when En password is required works)

Third device requires username / password and directly enters En mode.

I want to make some order in this chaos, so that every device requires a separate En password (and maybe remove it from 1st one).

Can anyone explain what would be the best way to do this ?

Basically, I want to change the devices as following: The first device to directly enter En mode (like the 3rd does currently), the 3rd to ask for En password (like 1st one does) and the 2nd one to actually have a non-blank password (for this one I think I just have to set it and it should be fine).

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Georg Pauwen
VIP
VIP

‎07-06-2017 12:17 PM

Hello,

the below will log you into exec mode directly without asking for authentication and authorization:

line con 0
 privilege level 15
line aux 0
 privilege level 15
line vty 0 15
 privilege level 15

The below will ask for username and password, then for 'enable' password:

enable password cisco
!
username test privilege 7 password 0 cisco
!
aaa new-model
aaa authentication login default group tacacs+ local
aaa authorization exec default group tacacs+ local

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Julio E. Moisa
VIP Alumni
VIP Alumni

‎07-06-2017 10:07 AM

Hi

I recommend to use enable secret <password>, it is like other security layer.  Is good idea to have a document (in Excel could be) with basic configuration to have a standard.




>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<
0 Helpful

Go to solution
Georg Pauwen
VIP
VIP

‎07-06-2017 12:17 PM

Hello,

the below will log you into exec mode directly without asking for authentication and authorization:

line con 0
 privilege level 15
line aux 0
 privilege level 15
line vty 0 15
 privilege level 15

The below will ask for username and password, then for 'enable' password:

enable password cisco
!
username test privilege 7 password 0 cisco
!
aaa new-model
aaa authentication login default group tacacs+ local
aaa authorization exec default group tacacs+ local

0 Helpful

Go to solution
Infuscomus
Level 1
Level 1
In response to Georg Pauwen

‎07-10-2017 01:55 AM

Thanks, I remember it now.

0 Helpful
Top