Re: levelling of enable secer can't work [7:33362]

Sun, 27 Jan 2002 09:54:25 -0800 

Only if you are using that particular brand of authentication. I believe
that Aaron's suggestion would work, as would the explicit configuration of a
single "enable" password as contrasted with the configuration of only enable
secrets. I've seen the latter function in production.

----- Original Message -----
From: "Michael Popovich" 
To: 
Sent: Sunday, January 27, 2002 12:27 PM
Subject: Re: levelling of enable secer can't work [7:33362]


> Don't you need users defined for the certain levels and then enable aaa
new
> model along with aaa authentication default local?
>
> MP
> ----- Original Message -----
> From: "Aaron Dixon"
> To: "Grad Alfons Kanon" ;
> Cc:
> Sent: Sunday, January 27, 2002 11:15 AM
> Subject: RE: levelling of enable secer can't work
>
>
> > I think that you still have to have an enable password for level 15 on
> > the router so that you don't end  up locking yourself out.  When you
> > want to use privilege levels you need to specify that in your enable
> > command.  In your example, try 'enable 2' for level 2 and 'enable 3' for
> > level 3.
> >
> > Aaron
> >
> > -----Original Message-----
> > From: Grad Alfons Kanon [mailto:[EMAIL PROTECTED]]
> > Sent: Saturday, January 26, 2002 2:10 AM
> > To: [EMAIL PROTECTED]
> > Cc: [EMAIL PROTECTED]
> > Subject: levelling of enable secer can't work
> >
> >
> > Hello team,
> >
> > I have problem here, I configured two different level of enable password
> > on
> > my OHIO router to enable different privilege of accessing the router,
> > but
> > seems can't work because when I telnet from Michigan, OHIO is no even
> > considered has the enable secret configured
> >
> > below is the config.
> >
> >
> >
> > OHIO ROUTER
> > ===========
> > !
> > hostname Ohio
> > !
> > enable secret level 2 5 $1$maWB$LVrsaUTyQGfCjUssdGVAN0
> > enable secret level 3 5 $6PRD$oza0RE5ve6QdSB3rAVG7h/
> > !
> > privilege exec level 3 show version
> > privilege exec level 2 show interfaces
> >
> >
> > MICHIGAN ROUTER
> > ================
> >
> > Michigan#135.2.56.6
> > Trying 135.2.56.6 ... Open
> >
> >
> > User Access Verification
> >
> > Password:
> > Michigan>en
> > % No password set
> >
> >
> >
> > _________________________________________________________________
> > Join the worlds largest e-mail service with MSN Hotmail.
> > http://www.hotmail.com
> > _________________________________________________________________
> > CCIE Security list: http://www.groupstudy.com/list/security.html
> > _________________________________________________________________
> > CCIE Security list: http://www.groupstudy.com/list/security.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=33366&t=33362
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Reply via email to