Hi,

nicolasjuarez · ‎01-13-2017

Hello, i have a weird problem.

We have a WS-C3560G-24TS-S and i can't log in with a certain username. My cfg is something like this:

username admin privilege 15 secret 5 Whatever123
username user1 privilege 7 secret 5 cisco123

I can login with "admin" but when i try logging in with "user1" by ssh or telnet, i can't unless i change it's secret password...

I mean:
1) Log in: user1 / Password: cisco123 = Access Denied

Then, i change user1 secret to "root"

2) Log in: user1 / Password root = Access Granted

Weird! I tried deleting the username and creating it again, but same problem always. The problem is that i need the username to be "user1" and the secret "cisco123".

Paul Chapman · ‎01-13-2017

Hi -

You seem to have a basic syntax error.

username user1 priv 7 secret 5 cisco123

Is not the same as

username user1 priv 7 secret cisco123

The first has the "5" keyword in it which indicates that the following string is already encrypted. The second is what you should actually be doing.

PSC

nicolasjuarez · ‎01-13-2017

Hi, after secret 5 i have the encripted string, i just didn't copy here the encripted string so i could show you the problem

Georg Pauwen · ‎01-13-2017

Hi,

try 'login local' instead of 'login authentication default' under the VTY lines:

line vty 0 4
login local
transport input ssh telnet

nicolasjuarez · ‎01-16-2017

Tried that, but no luck. I guess i will have to reboot the device and see what happens.

Georg Pauwen · ‎01-13-2017

Hello,

what does your configuration look like ? It should look like this:

username admin privilege 15 secret 5 Whatever123
username user1 privilege 7 secret 5 cisco123

aaa new-model
aaa authentication login default local

line vty 0 4
login authentication default
transport input ssh telnet

nicolasjuarez · ‎01-13-2017

Yup, i have all that lines in my cfg

Weird login problem with 3560G