How to prompt to use a login password then enable password

CiscoBrownBelt
Level 6

Anyone know how to configure a switch/router so if I log in locally I must enter one password to log in then another to enter privileged mode?

Reza Sharifi
Hall of Fame

A second password can be used for getting to enable mode:

In config mode:

enable secret [level level] {password | [encryption-type] encrypted-password}

HTH

I configured enable secret level 5 like what you said and it still would not work. Even tried not entering level number.

So here are my configs (I am giving example of password I want to work):

aaa authentication login default group tacacs+ local line enable
aaa authentication enable default group tacacs+ enable
aaa authorization exec default group tacacs+ if-authenticated
aaa authorization commands 15 default group tacacs+ if-authenticated
aaa accounting exec default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+

username administrator level 15 secret PPPPPP

enable secret JJJJJJJ

To answer this question we need to see more of the configuration. In particular I am looking to see whether the line vty configuration might specify privilege-level.

HTH

Rick
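
The privilege-level question raised in the reply above, as an added example that is not part of the original thread: a small Python check over an IOS-style running-config that flags the settings that can start a session in privileged EXEC, so the enable password is never asked for. The sample config and the function name `audit_enable_prompt` are constructed for illustration.

```python
import re

# Constructed sample running-config (not taken from the thread).
SAMPLE_CONFIG = """\
aaa new-model
aaa authentication login default local
aaa authorization exec default local
username admin privilege 15 secret 9 $9$constructed
username oper privilege 1 secret 9 $9$constructed
enable secret 9 $9$constructed
line con 0
line vty 0 4
 privilege level 15
 transport input ssh
"""

def audit_enable_prompt(config: str) -> list[str]:
    """Flag settings that can let a session skip the enable password prompt."""
    findings = []
    has_enable_secret = False
    line_block = None  # header of the "line ..." block being read, if any
    for raw in config.splitlines():
        text = raw.strip()
        if not text or text.startswith("!"):
            continue
        indented = raw[0].isspace()
        if not indented:  # a top-level command closes any open line block
            line_block = text if text.startswith("line ") else None
        if text.startswith("enable secret "):
            has_enable_secret = True
        # Local account created at level 15: with local exec authorization
        # (or plain "login local") the user can start in privileged EXEC.
        m = re.match(r"username (\S+) .*\bprivilege (\d+)\b", text)
        if m and int(m.group(2)) == 15:
            findings.append(f"user {m.group(1)}: privilege 15 can start in privileged EXEC")
        # "privilege level 15" under a line starts its sessions at level 15.
        m = re.match(r"privilege level (\d+)$", text)
        if indented and line_block and m and int(m.group(1)) == 15:
            findings.append(f"{line_block}: privilege level 15 starts sessions in privileged EXEC")
    if not has_enable_secret:
        findings.append("no enable secret configured")
    return findings

if __name__ == "__main__":
    for finding in audit_enable_prompt(SAMPLE_CONFIG):
        print(finding)
```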

Sorry, disregard, I figured it out. There were too many other configs conflicting or something.

I removed password config from line vty.

Removed and re-did local username accounts and now it works.

Thanks for the update letting us know that you have resolved the issue by re-doing the user IDs in the configs.

HTH

Rick

I appreciate all the help guys!

You are very welcome. I am glad that our suggestions pointed you in the right direction. And even more glad that you were able to resolve your own problem (those are the best kind of discussions on the forum). Thanks for marking this discussion as solved. This will help other readers in the forum to identify discussions which have helpful information.

HTH

Rick

Well, looks like config is different on the Nexus 3500 series.
So I create the user and do the enable password config, but upon logging in under the user I go straight into priv mode and do not have to enter a password.

The Nexus is a little different. You need to enable the feature first:

feature privilege

enable secret 5 <password> priv 15

username test priv 15

HTH