[cisco-voip] ios console access asking for old password
Lelio Fulgenzi
lelio at uoguelph.ca
Thu Oct 12 16:11:19 EDT 2017
Interesting. I'm using hardware that others have used to connect to other hosts. And when I modify the config to bypass TACACS+ it works by letting me login with the enable password. Although, that's complaining and only allowing level 14, not 15.
It's very weird.
---
Lelio Fulgenzi, B.A.
Senior Analyst, Network Infrastructure
Computing and Communications Services (CCS)
University of Guelph
519-824-4120 Ext 56354
lelio at uoguelph.ca
www.uoguelph.ca/ccs
Room 037, Animal Science and Nutrition Building
Guelph, Ontario, N1G 2W1
-----Original Message-----
From: Hunt, Fred A - DOA [mailto:FredA.Hunt at wisconsin.gov]
Sent: Thursday, October 12, 2017 3:31 PM
To: Lelio Fulgenzi; voyp list, cisco-voip (cisco-voip at puck.nether.net)
Subject: RE: [cisco-voip] ios console access asking for old password
It's behaving how it would if you hit Enter twice after entering your username, leaving the password field blank. Is the console cable (and possibly a USB-to-serial adapter) you're using working fine to console into other routers?
-----Original Message-----
From: Lelio Fulgenzi [mailto:lelio at uoguelph.ca]
Sent: Wednesday, October 11, 2017 3:43 PM
To: voyp list, cisco-voip (cisco-voip at puck.nether.net) <cisco-voip at puck.nether.net>
Subject: [cisco-voip] ios console access asking for old password
Anyone seen anything like this? I'm preparing for ios upgrades and want to monitor via the console port. I've compared this to another router and the relevant settings are the same. Could this be something on the far end TACACS+ server causing me issues?
-----
username: lelio
password:
Enter old password:
Enter new password:
Enter new password confirmation:
% Authentication failed
------
^^^
Not working working
aaa authentication login default group tacacs+ enable aaa authentication login default group tacacs+ enable
aaa authentication login virt-users group tacacs+ enable aaa authentication login virt-users group tacacs+ enable
aaa authentication login console group tacacs+ enable aaa authentication login console group tacacs+ enable
aaa accounting exec default aaa accounting exec default
action-type start-stop action-type start-stop
group tacacs+ group tacacs+
! !
aaa accounting commands 8 default aaa accounting commands 8 default
action-type start-stop action-type start-stop
group tacacs+ group tacacs+
! !
aaa accounting commands 15 default aaa accounting commands 15 default
action-type start-stop action-type start-stop
group tacacs+ group tacacs+
!
<snip>
!
line con 0 line con 0
session-timeout 60 output session-timeout 60 output
exec-timeout 30 0 exec-timeout 30 0
login authentication console login authentication console
transport preferred none transport preferred none
!
tacacs-server host a.b.c.6 tacacs-server host a.b.c.6
tacacs-server host a.b.c.7 tacacs-server host a.b.c.7
tacacs-server directed-request tacacs-server directed-request
tacacs-server key mykey tacacs-server key mykey
!
^^^
---
Lelio Fulgenzi, B.A.
Senior Analyst, Network Infrastructure
Computing and Communications Services (CCS) University of Guelph
519-824-4120 Ext 56354
lelio at uoguelph.ca
www.uoguelph.ca/ccs
Room 037, Animal Science and Nutrition Building Guelph, Ontario, N1G 2W1
More information about the cisco-voip
mailing list