Re: Logging failed logons on 2960-X

Lisa29236 · ‎03-25-2021

I have noticed that the 2960-X switch only logs successful logins, but not failed ones (at least I have failed to configure it). It would be really interesting to get log messages for failed logins. Anyone who knows how to do this?

Spooster IT Services · ‎03-25-2021

Hello Lisa,

Following are the commands for login failed and success to get logged.

login on-failure log
login on-success log

***Please rate all helpful posts***

Spooster IT Services Team

balaji.bandi · ‎03-25-2021

login on-failure log

login on-success log

make sure you are not fall under this version and bug :

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCud90069/?rfs=iqvred

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Tagir Temirgaliyev · ‎03-29-2021

If you think about access security, You can create a list of allowed IP adresses, and you can log all attempts, permitted and not permitted

ip access-list standard MGMT_Access
permit 192.168.65.11 log
permit 192.168.65.130 log
deny any log

!
line vty 0 15
access-class MGMT_Access in
exec-timeout 30 0
absolute-timeout 300
logging synchronous
login local
transport input ssh

You can create a simple ansible script to apply this config to all cisco devices in one click and even not cisco too