Hi Jay
My first question is, when i used the two separate statement .. Why I can't access the router even I put wrong username and password ?
The second one, I need to create username George password George for example.i want to give him only to enter the confg mode and interface mode and don't anything else . Why this cant' happen unless you telnet the router. Why you can't make it from the console if you login with same username ! Thanks a lot jay, apprcieate that.
On May 11, 2012, at 11:29 PM, "Jay McMickle" <jay.mcmickle_at_yahoo.com> wrote:
> I might have misunderstood your 1st question, but when you enter both lines you put, the second overrides the first (only showing the 2nd line).
>
> If you want it to fall back, use-
> ....local def line none (on the same line)
>
> Second question-
> Priv 1 and 15 are the only ones that work.
>
> Regards,
> Jay McMickle- CCIE #35355
> Sent from iJay
>
> On May 11, 2012, at 12:58 PM, <mohd-mousa_at_hotmail.com> wrote:
>
>> Hi guys,
>>
>> I have two qestions regarding the aaa authentication,
>>
>> first, when i do the following commmand
>> -aaa authentication login default local
>> -aaa authentication login default none
>>
>> guys, i know that the first statment will authenticate based on the username
>> and password defined on the local database of the router.
>> Second statment i used it to avoid lock my self of the router.
>>
>> When i get out the router and get in, it will ask me the username and password.
>> and can't get in ( if i don't put the username and pass).
>> my question is should i access the router even without authentication as the
>> second statment said.
>>
>>
>>
>> Second, i know there are two level (8 for the usermode , 15 for the conf mode)
>>
>> i have the following command
>> usename k privileage 9 pass k
>> privielage exe level 9 configure terminal
>> privielage configure level 9 interface
>> aaa authorization exec default local
>>
>> Why this command only work when i telnet to this router, while itsn't working
>> when i get through the console ?
>>
>> when i get through the telnet
>> show privi ---- he gave me level 9 (after i put the username & pass) it worked
>> fine
>> when i get through the console
>> show privi ---- it gave me level 15 ( after i put the usename & pass )
>>
>> Thanks in advance
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Fri May 11 2012 - 23:49:41 ART
This archive was generated by hypermail 2.2.0 : Sun Jun 17 2012 - 09:04:19 ART