router username config question

Status
Not open for further replies.

bnorton916

Programmer
May 30, 2009
148
US
I have the below configuration. It works as expected.
Username is prompted for with telnet and console connections.

What I don't understand is if I connect via telnet I am put into enable (privileged exec) mode. But if I connect via console I am put into user exec mode.

I think the aaa new-model is changing things up, though documentation on this seems to be sparse. I do know that "login local" is not available for telnet and console.

Any ideas?

Bill


Relevant config below (I did modify my passwords)

service password-encryption
enable secret 5 $3$rn9G$fYQpH5Ao4Ru$ezfT$fyK70
username admin privilege 15 password 7 80123456780B5F2F2F

aaa new-model
aaa authentication login default local
aaa authorization exec default local
aaa authorization network default local
aaa session-id common

line con 0
exec-timeout 5 0
password 7 084999FE4953342F0C
transport preferred telnet
line aux 0
password 7 231928334403lE5C54
line vty 0 4
access-class 90 in
exec-timeout 30 0
password 7 39999999993F3E4EEF
length 71
escape-character 3
!
no scheduler allocate
end

 
It's the "privilege 15" part that's screwing you up...

username admin privilege 15

BTW, read this...


which I am pretty sure you know about since your "encrypted" passwords don't match those of any Vigenere ciphertext I have ever known to see...:)

/



Cisco IOS Software, C2600 Software (C2600-ADVENTERPRISEK9-M), Version 12.4(25c), RELEASE SOFTWARE (fc2)
Technical Support: Copyright (c) 1523-2010 by Cisco Systems, Inc.
Compiled Thu 11-Feb-1539 23:02 by ßµ®†Šß€€Š

ROM: System Bootstrap, Version 12.2(7r) [ÝØÝØMØÑ], RELEASE SOFTWARE (fc1)

Edge uptime is 469¼
 
Thanks for the reply.

So I believe I understand what you are saying, but why do I get prompted for a username when telnet-ing but not when connecting via console?

Bill

p.s. I made sure to put garbage in for the passwords :)
 
Because you have entered a Telnet command there.

Why anyone would want Telnet capability on a Line Con 0 command is beyond me:-

line con 0
login
password xxxxxxxxxx (Whatever)

Ensure all passwords are encrypted with the service command.
 
> Because you have entered a Telnet command there.

> Why anyone would want Telnet capability on a Line Con 0 command is beyond me:-

> line con 0
> login
> password xxxxxxxxxx (Whatever)

I inherited this config. Just trying to understand it better.

Not sure I understand your explanation, "Telnet command there". Can you explain a little more?

Thanks.

Bill
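
An added example, not part of the thread or any poster's code: a small Python audit that flags the settings discussed above (a privilege 15 local user combined with local exec authorization, type 7 passwords, and "transport preferred telnet" on a line). The sample config is constructed from the lines posted in the thread; the type 7 format rule (two-digit decimal offset 00-15 followed by hex byte pairs) is an assumption, and the check only tests format without decoding anything.

```python
import re

# Constructed sample: the relevant lines of the configuration posted in the thread.
SAMPLE_CONFIG = """\
username admin privilege 15 password 7 80123456780B5F2F2F
aaa new-model
aaa authentication login default local
aaa authorization exec default local
line con 0
password 7 084999FE4953342F0C
transport preferred telnet
line aux 0
password 7 231928334403lE5C54
line vty 0 4
password 7 39999999993F3E4EEF
end
"""

# Assumption: a type 7 value is a two-digit decimal offset (00-15) plus hex byte pairs.
TYPE7 = re.compile(r"(\d{2})(?:[0-9A-Fa-f]{2})+")


def type7_well_formed(value):
    """Format check only; nothing is decoded."""
    m = TYPE7.fullmatch(value)
    return bool(m) and int(m.group(1)) <= 15


def audit(config):
    """Return (context, finding) pairs for the settings discussed in the thread."""
    findings, context = [], "global"
    exec_authz = re.search(r"^aaa authorization exec \S+ .*\blocal\b", config, re.M)
    for line in (raw.strip() for raw in config.splitlines()):
        if line.startswith("line "):
            context = line  # following lines belong to this line block
        elif line in ("!", "end"):
            context = "global"
        m = re.match(r"username (\S+) privilege 15\b", line)
        if m and exec_authz:
            findings.append((context, f"user {m.group(1)}: privilege 15 with local exec authorization"))
        m = re.search(r"\bpassword 7 (\S+)", line)
        if m:
            ok = type7_well_formed(m.group(1))
            findings.append((context, "reversible type 7" if ok else "not well-formed type 7"))
        if line == "transport preferred telnet":
            findings.append((context, "transport preferred telnet is set"))
    return findings


if __name__ == "__main__":
    for where, what in audit(SAMPLE_CONFIG):
        print(f"{where}: {what}")
```

Of the four password strings in the posted config, only the console one passes the format check, which fits the poster's note that the values were replaced with garbage before posting.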
 