Solved: Switch logon question

Andy White · ‎04-23-2012

Hello,

I've configured this in the past where you have 2 users on a switch with different privileges:

username admin privilege 15 secret 5 $1$xhbN$3KuZkWG81

username users privilege 3 secret 5 $1$fW/K$I2fQEJRd7s5

When either account is used normally I would be put into privilege mode 15 or 3 and no need for the enable password. At the moment i go into user exec mode on each (priv 1).

My VTY lines are like this:

line con 0

exec-timeout 60 0

logging synchronous

line vty 0 4

access-class 23 in

exec-timeout 60 0

logging synchronous

transport input ssh

line vty 5 15

access-class 23 in

no exec

transport input ssh

How can I get each user to go into their respective privilege views without the need for an enable passowrd?

Thanks

Edison Ortiz · ‎04-23-2012

Do you have aaa-new model enabled?

If you don't, you need to add login local under the VTY lines.

If you have aaa-new model enabled, you need to add aaa authorization exec default local

I'm assuming these devices are not pointing to a AAA server?

View solution in original post

Edison Ortiz · ‎04-23-2012

Do you have aaa-new model enabled?

If you don't, you need to add login local under the VTY lines.

If you have aaa-new model enabled, you need to add aaa authorization exec default local

I'm assuming these devices are not pointing to a AAA server?

Andy White · ‎04-23-2012

Great! that worked, silly me.

Dan-Ciprian Cicioiu · ‎04-23-2012

Hi Andy ,

Do you have aaa configured ?

Dan