I did that too. It works with

sdhungana · ‎03-16-2015

Can anyone help me how to configure enable password in stacked 2960 switches. We are using TACACS to log into the switch. Now we need to remove TACACS. I tried to configure enable password but it doesn't accept. Any solution please?

Reza Sharifi · ‎03-16-2015

After removing TACACS configure the following command so you can get authenticated by local user name and password:

username test password 7 03410548045675F53180F

enable secret 5 $5$SNHC$avfOcVppGzAYliBMzbiz/.

line vty 0 4

login local

line vty 5 15

login local

HTH

sdhungana · ‎03-17-2015

I am using SSH to make change. It is in remote place. I can't go there. If I remove TACACs I lose connection to the router.

glen.grant · ‎03-18-2015

you can also just add a password under your vty's and also add the enable secret password . if you are concerned it wont work , use the reload in command where it will reload the box after so many minutes and load the old config if the new config doesn't work . If it works then just cancel the reload command . dont save the config until you are sure it works .

conf t

line vty 0 15

password xxxxxxxxx

exit

enable secret xxxxxxx

end

sdhungana · ‎03-18-2015

I have tried all these things. I have to remove TACACS configuration and use local authentication. But not successful.

Please see my configuration and suggest me. Thanks.

no username <username> secret 5 124567889shdgtuyt
!
!
no aaa new-model
!
!
no aaa authentication login TacacsFirst group tacacs+ local
no aaa authentication login uselocal local
no aaa authorization config-commands
no aaa authorization commands 1 default group tacacs+ none
no aaa authorization commands 15 default group tacacs+ none
no aaa accounting exec default start-stop group tacacs+
no aaa accounting commands 0 default start-stop group tacacs+
no aaa accounting commands 15 default start-stop group tacacs+
no aaa accounting network default start-stop group tacacs+
!
!
!
no aaa session-id common

!

tacacs-server host <IP Address> key 7 06523C6542183D2C551F03

tacacs-server directed-request

line con 0

session-timeout 15 output

password 7 070C28084D06485744

stopbits 1

line aux 0

password 7 121A0C5311045D5679

line 2

no activation-character

no exec

transport preferred none

transport output pad telnet rlogin lapb-ta mop udptn v120 ssh

stopbits 1

line vty 0 4

login

password 4premise

session-timeout 15 output

privilege level 15

logging synchronous

login authentication TacacsFirst

transport input ssh

line vty 5 15

login

password 4premise

session-timeout 15 output

privilege level 15

logging synchronous

login authentication TacacsFirst

transport input ssh

!

glen.grant · ‎03-18-2015

Try taking this out of the vty settings "login authentication TacacsFirst " . Not sure what that is doing but we have never used it . What are you seeing when you say it doesnt work ?

sdhungana · ‎03-18-2015

I did that too. It works with TACACS configuration. Once I delete TACACS configuration. Router prompt freezes and my user name password doesn't work.

enable password in stacked Cisco 2960 switch.