RE: Enable access for VTY

From: Rick Fox (rick.fox@tcsna.com)
Date: Mon Jul 31 2006 - 00:38:06 ART

• Next message: secondie: "Re: Enable access for VTY"
• Previous message: Paul Dardinski: "RE: Tricky One - Can Backbone router learn default route from"
• Maybe in reply to: Rick Fox: "Enable access for VTY"
• Next in thread: secondie: "Re: Enable access for VTY"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

The config provided allows telnet to the router, authenticate with local
login, and being placed right into enable mode.

The authorization exec VTY was what I was missing from my config.

Thanks.

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Paul Dardinski
Sent: Sunday, July 30, 2006 10:30 PM
To: Cisco certification
Subject: RE: Enable access for VTY

Can someone elaborate? I thought the question was "is it possible to
enable vty access with "NO" password authent?". Will lab this up, does
this allow enable access vty with no further authent other then local
login?

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Rick Fox
Sent: Sunday, July 30, 2006 10:07 PM
To: secondie@gmail.com
Cc: Cisco certification
Subject: RE: Enable access for VTY

That's it.

Line vty 0 4
authorization exec VTY

Thanks,
Rick

-----Original Message-----
From: secondie [mailto:secondie@gmail.com]
Sent: Sunday, July 30, 2006 9:59 PM
To: Rick Fox
Cc: Cisco certification
Subject: Re: Enable access for VTY

Only way I can think of is as below:

aaa new-model
aaa authentication login CONSOLE enable
aaa authentication login VTY local
aaa authorization exec VTY local
enable password enable
!
username cisco privilege 15 password 0 cisco

line con 0
login authen CONSOLE

line vty 0 4
 password a
 authorization exec VTY
 login authentication VTY

*****************
CONSOLE LOGIN:
*****************
R20 con0 is now available

Press RETURN to get started.

R20>en
Password: enable (typed in for clarity)
R20#

*************
VTY LOGIN:
*************
User Access Verification

Username: cisco
Password: cisco (typed in for clarity)

R20#
R20#

HTH
-secondie

Rick Fox wrote:
> So, is there a way to configure access so that when telneting to a
> router, local authentication is used, and you are immediately in
enable
> mode?
>
> The config provided from previous thread still requires additional
login
> to enable mode.
>
>
>
>>> aaa new-model
>>> aaa authentication login CONSOLE enable
>>> aaa authentication login VTY local
>>> !
>>> line console 0
>>> login authentication CONSOLE
>>> !
>>> line vty 0 4
>>> login authentication VTY
>>> !
>>>
>
>

• Next message: secondie: "Re: Enable access for VTY"
• Previous message: Paul Dardinski: "RE: Tricky One - Can Backbone router learn default route from"
• Maybe in reply to: Rick Fox: "Enable access for VTY"
• Next in thread: secondie: "Re: Enable access for VTY"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Tue Aug 01 2006 - 07:13:48 ART