From: John Edom (jedom123@gmail.com)
Date: Wed Dec 24 2008 - 09:21:51 ARST
if there is no such requirement then no need to add this configuration or
still it is good to configure?
Anyway thanks for clarification.......
Regards
On Wed, Dec 24, 2008 at 2:56 PM, Howard Hooper
<Howard.Hooper@dupre.co.uk>wrote:
> Hi John
>
> I always configure 'aaa authentication login default line' after
> configuring 'aaa new-model' on a device, this will allow me to access
> the device using the normal vty passwords as after entering the command
> 'aaa new-model' you will be asked for a username and password when next
> trying to login.
>
> This will also help to follow any requirements they may ask for in the
> lab for example...'do not change the vty or console passwords', by using
> the command 'aaa authentication login default line' you are still using
> the original passwords they have entered
>
>
> HTH
>
> Howard
>
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> John Edom
> Sent: 24 December 2008 10:31
> To: Robert Steeneken
> Cc: Cisco certification
> Subject: Re: Dot1x - need "aaa authen login" for vty in Lab
>
> May be we are confusing something but see on vty line i configured
>
> line vty 0 4
> pass cisco
>
> now i telnet this router and it ask for line password that is cisco,
> after
> that i configure
>
> aaa new-model
> username abc pass xyz
>
> and then telnet. this time i am getting username/Password prompt. when i
> use
> abc/xyz, i be able to login
>
> please correct me if i am wrong
>
> Regards
>
>
> On Wed, Dec 24, 2008 at 2:07 PM, Robert Steeneken
> <r.steeneken@gmail.com>wrote:
>
> > as long as you don't use aaa authentication login or authentication
> enable
> > yours lines will not be affected, as I believe.
> >
> >
> > On Wed, Dec 24, 2008 at 10:57 AM, John Edom <jedom123@gmail.com>
> wrote:
> >
> >> but for this i configured "aaa new-model" that enable authentication
> on
> >> vty lines so default behavior of vty changed. Please correct me if i
> am
> >> wrong.
> >>
> >> Regards
> >>
> >>
> >> On Wed, Dec 24, 2008 at 1:51 PM, Robert Steeneken
> <r.steeneken@gmail.com>wrote:
> >>
> >>> For dot1x you use a separate aaa line ''aaa authentication dot1x''
> so
> >>> thats not used for vty etc.
> >>>
> >>> On Wed, Dec 24, 2008 at 10:27 AM, John Edom <jedom123@gmail.com>
> wrote:
> >>>
> >>>> Hi,
> >>>>
> >>>> while configuring dot1x we add "aaa new-model" that enable
> >>>> authentication on
> >>>> vty lines also. So my question is in lab exam we need to configure
> aaa
> >>>> authen login with none and configure on vty lines. If yes then
> there are
> >>>> two
> >>>> ways; first is configure "aaa authen login no-auth none" and then
> >>>> configure
> >>>> on vty and console using "login authen no-auth".
> >>>> second way is configure "aaa authen login default none" so which
> one is
> >>>> best
> >>>> in lab exam?
> >>>>
> >>>> Regards
> >>>>
> >>>>
> >>>> Blogs and organic groups at http://www.ccie.net
> >>>>
> >>>>
> _______________________________________________________________________
> >>>> Subscription information may be found at:
> >>>> http://www.groupstudy.com/list/CCIELab.html
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>
>
>
> This message has been scanned for viruses by MailController -
> www.MailController.altohiway.com
> _Click
> https://www.mailcontroller.altohiway.com/sr/3jo6NkmXoFDTndxI!oX7UrDv!jL6
>
nhygGem+Mpkv6qekZ3BnwG3MjcZaIq0aoq3i0znG<https://www.mailcontroller.altohiway
.com/sr/3jo6NkmXoFDTndxI%21oX7UrDv%21jL6nhygGem+Mpkv6qekZ3BnwG3MjcZaIq0aoq3i0
znG>!SAN5ztLwdQMGDtFKA==
> to report
> this email as spam.
>
> CONFIDENTIALITY NOTICE:
> This e-mail (and any attachments) are confidential, legally privileged
> and/or protected by copyright. This e-mail is intended only for the
> addressee or the person responsible for delivering it to the addressee. If
> you receive this e-mail in error please notify the sender by replying by
> e-mail or telephone immediately (telephone 01635 55 55 55. If calling from
> outside the UK 0044 1635 55 55 55) and then delete this e-mail (and any
> attachments) from your system, entirely. You should not disclose the
> contents of this e-mail (and any attachments) to any other person and no
> copies should be made.
> Company registration number: 1520800
> Registered Office: du Pri plc, Vo-Tec Centre, Hambridge Lane, Newbury,
> Berkshire. RG14 5TN.
Blogs and organic groups at http://www.ccie.net
This archive was generated by hypermail 2.1.4 : Thu Jan 01 2009 - 12:53:09 ARST