Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
31678
Views
10
Helpful
5
Replies

User access verification on switch or router

Horacio Gutierrez
Level 2
Level 2

‎04-18-2014 03:08 PM - edited ‎03-07-2019 07:08 PM

Hello,

What causes a router or switch to prompt for username and password when you vty as oppose to vty into switch and going straight to the enable password.  Whats commands make the user get prompt for username or password when vty into switch?

 

Thanks,

6 people had this problem
Labels:
0 Helpful
5 Replies 5

Leo Laohoo
Hall of Fame
Hall of Fame

‎04-18-2014 05:56 PM

You enable AAA.  So when you console and/or remotely access the appliance, you'll get prompted with a username, password and enable password.

 

Alternatively you can configure a static username/password:  

config t

 username <USERNAME> password <PASSWORD>

 enable secret <ENABLE PASSWORD>

 service password encryption

end

 

0 Helpful

Horacio Gutierrez
Level 2
Level 2
In response to Leo Laohoo

‎04-18-2014 06:37 PM

What commands do you use to configure aaa for been prompt for username and password?

 

0 Helpful

Leo Laohoo
Hall of Fame
Hall of Fame
In response to Horacio Gutierrez

‎04-19-2014 05:30 PM

Go here and choose your the choices base on the appliance model.

0 Helpful

praveennoc
Level 1
Level 1

‎04-18-2014 11:11 PM

First you need to enable e AAA  when you want to remotely access the appliance,

no enable secret
no enable password
no username <User Name >
enable secret <password >
username admin privilege 15 secret <password >

tacacs-server host <Host IP>
tacacs-server directed-request
tacacs-server key <Key>

aaa new-model
aaa authentication login default group tacacs+ local line enable
aaa authentication enable default group tacacs+ enable
aaa authorization exec default group tacacs+ if-authenticated
aaa accounting exec default start-stop group tacacs+

aaa accounting commands <acces level num>default stop-only group tacacs+
aaa accounting system default stop-only group tacacs+
 

Alternatively you can configure a static username/password:

config t

username <USERNAME> password <PASSWORD>

enable secret <ENABLE PASSWORD>

service password encryption

end

 

Poonam Garg
Level 3
Level 3

‎04-20-2014 06:20 AM

when you just enable a command "aaa new-model", all your lines except console start asking for username and password for authentication.

 

"Please rate helpful posts"

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card