.jpg "Opportunities, Appliacation, Openings"){kind=small}
.jpg "Hand Job, Blow Job, Job Search, Monster Job"){kind=small}
.jpg "pusat resume, daftar kerja, cari kerja"){kind=small}
.jpg "Project Manager, SOftware Engineer, SAP Consultant"){kind=small}
Enable access for VTY
I think it will ask for one time only as CONSOLE is configured to use enable password.
aaa authentication login CONSOLE enable
line con 0 login authen CONSOLE
HTH -secondie
But the following will > secondie, > > According to your config , console login should ask for password two > times , first login password and then enable password.. right ? > > > On 7/31/06, *secondie* > wrote: > > This thread is kind of continuation of another thread posted by me > earlier. One of the requirements was to use AAA. > > Hope this clarifies. > > > > Gregory W. Posey Jr. wrote: > > Why not… > > username cisco password cisco > > line vty 0 4 > > login local > > privilege level 15 > > Thank you, > > Greg Posey Jr. > > CCIE #7981 > > CCSP, CCSI > > M.S. EE > > > > secondie writes: > >> I think it is for “no enable password”. > >> Here is the brief description: > >> “aaa authentication login VTY local” — sets up VTY as local > auth > >> group > >> “aaa authorization exec VTY local” — sets up as authorization as > >> local > >> line vty 0 4 > >> password a — “this line has no relevance to the authen or > author as > >> both are base on AAA, so ignored by VTY login”, could be used as > >> second choice but not configured in this case > >> login authentication VTY — “enable login based on VTY profile of > >> AAA which is local” > >> > >> authorization exec VTY “enables the authorization based on the VTY > >> author group, which is local” > >> So when VTY is login is prompted, AAA looks for local > >> username/password for authentication, which is cisco/cisco. > Then for > >> authorization it looks under “authorization exec VTY group > local” and > >> as local command “username cisco privi 15 pass cisco” specifies > level > >> of 15, it authorizes user cisco for priv 15, therefore directly > >> dropping user into enable mode. > >> HTH > >> -secondie > >> > >> Paul Dardinski wrote: > >>> Can someone elaborate? I thought the question was “is it > possible to > >>> enable vty access with “NO” password authent?”. Will lab this > up, does > >>> this allow enable access vty with no further authent other > then local > >>> login? > >>> —–Original Message—– > >>> From: nobody@groupstudy.com > [mailto:nobody@groupstudy.com ] On > Behalf Of > >>> Rick Fox > >>> Sent: Sunday, July 30, 2006 10:07 PM > >>> To: secondie@gmail.com > >>> Cc: Cisco certification > >>> Subject: RE: Enable access for VTY > >>> That’s it. > >>> Line vty 0 4 > >>> authorization exec VTY > >>> Thanks, > >>> Rick > >>> —–Original Message—– > >>> From: secondie [mailto:secondie@gmail.com > ] Sent: Sunday, July 30, > >>> 2006 9:59 PM > >>> To: Rick Fox > >>> Cc: Cisco certification > >>> Subject: Re: Enable access for VTY > >>> Only way I can think of is as below: > >>> aaa new-model > >>> aaa authentication login CONSOLE enable > >>> aaa authentication login VTY local > >>> aaa authorization exec VTY local > >>> enable password enable > >>> ! > >>> username cisco privilege 15 password 0 cisco > >>> > >>> line con 0 > >>> login authen CONSOLE > >>> line vty 0 4 > >>> password a > >>> authorization exec VTY > >>> login authentication VTY > >>> ***************** > >>> CONSOLE LOGIN: > >>> ***************** > >>> R20 con0 is now available > >>> Press RETURN to get started. > >>> > >>> R20>en > >>> Password: enable (typed in for clarity) > >>> R20# > >>> > >>> ************* > >>> VTY LOGIN: > >>> ************* > >>> User Access Verification > >>> Username: cisco > >>> Password: cisco (typed in for clarity) > >>> R20# > >>> R20# > >>> > >>> HTH > >>> -secondie > >>> > >>> Rick Fox wrote: > >>>> So, is there a way to configure access so that when telneting > to a > >>>> router, local authentication is used, and you are immediately in > >>> enable > >>>> mode? > >>>> The config provided from previous thread still requires > additional > >>> login > >>>> to enable mode. > >>>> > >>>> > >>>>>> aaa new-model > >>>>>> aaa authentication login CONSOLE enable > >>>>>> aaa authentication login VTY local > >>>>>> ! > >>>>>> line console 0 > >>>>>> login authentication CONSOLE > >>>>>> ! > >>>>>> line vty 0 4 > >>>>>> login authentication VTY > >>>>>> ! > >>>> > >>> > _______________________________________________________________________ > >>>> Subscription information may be found at: > >>>> http://www.groupstudy.com/list/CCIELab.html > >>> > >>> > _______________________________________________________________________ > >>> Subscription information may be found at: > >>> http://www.groupstudy.com/list/CCIELab.html > >>> > _______________________________________________________________________ > >>> Subscription information may be found at: > >>> http://www.groupstudy.com/list/CCIELab.html > >> > >> > _______________________________________________________________________ > >> Subscription information may be found at: > >> http://www.groupstudy.com/list/CCIELab.html > > _______________________________________________________________________ > Subscription information may be found at: > http://www.groupstudy.com/list/CCIELab.html
