ā04-14-2023 11:13 AM
Hello everyone, I have a cisco catalyst 9200, it has created an admin user with a defined password, but in addition to the admin user, when logging in with any other different credentials it works.
example :
user : XYZ
password: uhbfuew
It works, how to block it? I just want the admin user to be able to log into this device.
Follow config:
aaa authentication login default local group radius
aaa authorization exec default local group radius
Solved! Go to Solution.
ā05-11-2023 05:11 AM
Hello everyone,
Sorry for the delay in response, the problem has been resolved, we identified that the security flaw was in the radius server, we removed it from the AAA settings on the switch and the problem was solved.
Previous configuration:
aaa authentication login default local group radius
aaa authorization exec default local group radius
New configuration:
aaa authentication login default local
aaa authorization exec default local
Thank you all for your help.
ā04-14-2023 10:29 PM
- Make sure to have a unique admin user defined in the running-config too as in :
username <admin_username> privilege 15
M.
ā04-15-2023 12:14 AM
can you more elaborate what issue here >?
ā04-15-2023 11:29 AM
My equipment has only one user, which is the admin user, but when entering via ssh and placing any character, it allows it and enters user configuration mode.
ā04-15-2023 12:17 PM
are you use ISE as radius server ??
ā04-15-2023 11:09 PM
- Post the full running config of the 9200 ,
M.
ā05-11-2023 05:11 AM
Hello everyone,
Sorry for the delay in response, the problem has been resolved, we identified that the security flaw was in the radius server, we removed it from the AAA settings on the switch and the problem was solved.
Previous configuration:
aaa authentication login default local group radius
aaa authorization exec default local group radius
New configuration:
aaa authentication login default local
aaa authorization exec default local
Thank you all for your help.
ā05-11-2023 06:44 AM
Your device was trying to authenticate from a radius server and now you change it to local if you want to create a new user now just do this command username admin privilege15 secret yourpassword
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide