INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Jobs

authenication

authenication

(OP)
I want my switch to start prompting me for a username and password. It is currently just using a VTY line password.

I have created a username.
username bob password 0 bob privilege 15

aaa is not running
no aaa new-model

vty line is configured
line vty 0 4
password john
login
line vty 5 15
password john
login

I have tried several things to get it to prompt me for the user name and password when I telnet, but I cant seem to figure it out.

thanks for the help.

RE: authenication

(OP)
I reset the switch to factory defaults. Here is a copy of the current config. When I telnet to it, it prompts me for a username and password, but wont let me login with the usernames and passwords, I have defined.

~~~~~~~
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname SW1
!
enable secret 5 $1$WhWb$m4M8PrfJZzf46x7FuS9Gc/
!
username bob password 0 kjh privilege 15
username joe password 0 mjh privilege 15
no aaa new-model
system mtu routing 1500
vtp domain odecooh
vtp mode transparent
ip subnet-zero
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
vlan 150
name mgmt
!
interface FastEthernet0/1
!
interface FastEthernet0/2
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface GigabitEthernet0/1
switchport trunk encapsulation dot1q
switchport trunk native vlan 150
switchport trunk allowed vlan 150,654
switchport mode trunk
!
interface Vlan1
no ip address
!
interface Vlan150
ip address 10.1.15.56 255.255.255.0
!
ip classless
ip http server
!
control-plane
!
line con 0
line vty 0 4
login local
line vty 5 15
login local
!
end
~~~~~~~

RE: authenication

aaa new-model
aaa authentication default local
aaa authorization default local


**im writing off memory might be missing a little bit in that command..

We must go always forward, not backward
always up, not down and always twirling twirling towards infinity.

RE: authenication

(OP)
I am still not getting anywhere with this, I reset the switch again , here is the config.
I am trying to setup local authenication so you have to use a username/password to telnet or console to the switch.
I tried the above commands with no sucess. I tried some google-fu and still didnt find what I was looking for


~~~~~~~~~~~~~~~
sho run
Building configuration...

Current configuration : 773 bytes
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname SW1
!
no aaa new-model
system mtu routing 1500
vtp domain odecooh
vtp mode transparent
ip subnet-zero
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
vlan 150
name mgmt
!
interface FastEthernet0/1
!
interface FastEthernet0/2
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface GigabitEthernet0/1
!
interface Vlan1
no ip address
!
ip classless
ip http server
!
control-plane
!
line con 0
line vty 5 15
!
end

~~~~~~~~~~~~~~~~~

RE: authenication

Hi,
Using the last config -

config t
username test priv 15 secret Mysecret
line vty 0 15
login local

Is this for testing or for production? If it is for production I would recommend setting up SSH and adding security to the switch.

Hope this helps

RE: authenication

(OP)
didnt work, when i telneted back to the switch it prompted me for a username, but would not let me login with the user and password I set.

RE: authenication

(OP)
when i wen back and looked at the config again, vty line 0 4 was still set with a password. when i corrected thati t wokred ok.

thanks for the help


Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members!

Resources

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close