Yes, somebody did already show that setting a user mode password on a
Catalyst 1900 switch could be done--it was me. (-:
I'm going to have to sit down and learn more about TACACS I guess. I
thought that TACACS+ would only come into play when the router (or switch)
prompted the end user for a password. Since the 1900's don't prompt for a
"user mode" password, I would have thought TACACS+ (or Radius) wouldn't be
an option.
As for the way I did it -- I created a user mode password prompt using a
single Cisco IOS command.
-- Leigh Anne
-----Original Message-----
From: John Nemeth [mailto:[EMAIL PROTECTED]]
Sent: February 14, 2001 6:00 AM
To: Leigh Anne Chisholm; Rik Guyler; Cisco Groupstudy (E-mail)
Cc: [EMAIL PROTECTED]
Subject: RE: VTY LINES NON EXISTENT!!!!
On Jul 6, 7:16am, "Leigh Anne Chisholm" wrote:
}
} You'll notice that when you access your Catalyst switch via the console
} port, that without issuing any sort of password, you're immediately able
to
} access several commands on the switch -- you've immediately got access to
} "user mode". In some organizations, this can present a security risk.
Can
Yeah, I noticed this and found it rather surprising, not to
mention disturbing. Especially, when you consider that the standard
software doesn't have this problem (of course, it doesn't have the
"enable" mode distinction, or a CLI for that matter).
} you set a "user-mode" password for the Catalyst 1900 series switch? If
so,
} how?
Somebody has already shown that it can be done. Digging through a
switch, the only thing that comes to mind is TACACS? However, setting
up TACACS just for a couple of switches seems like a big waste.
}-- End of excerpt from "Leigh Anne Chisholm"
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
