Professional Documents
Culture Documents
Page 1
In this article , we will take a step further in securing our Cisco router by using a local username / password database in the Cisco IOS. Thus, a user must know a username AND password to be granted access to the Cisco IOS. Lets see how this is done .
Local Authentication
The most basic level of security you can configure on a Cisco IOS device is a password. When this is done , a password is assigned to allow access to the privileged / global configuration mode, and to protect initial entry to the user mode of the IOS. However, the Cisco IOS can take this a step further, and have actual usernames and passwords assigned for access . By doing this, you have the real name of the person who is accessing the device. If you chose to do so, this username could be logged so that you know when that user logged into the router, and when they logged off. The Cisco IOS can, of course, also support external authentication through services like Cisco ACS and RADIUS. In this example, we will create a basic local authentication database containing usernames and passwords, and then use that to login to the Cisco IOS device.
username admin priv 15 password cisco username bob priv 7 password cisco Once these users are created, you need to enable the login on the lines to use the local database instead of just the line password, or no password at all.
SWOT Software
Get a free 30 Day Trial of MM2012 the leading Mindmapping Tool ! www. Mindjet.com
http://www.petri.co.il/csc_how_to_configure_local_username_database_cisco_ios.htm
18.10.2011 12:26:34
Page 2
After logging off, I logged back in as the bob user. Here is an example:
Notice in this example that this user was put into privilege mode 7, but this mode still didn t allow them to access the global configuration mode. You can get very advanced when it comes to configuring privilege levels and commands in privilege levels . At this point , we have successfully tested our local username authentication database and our two different users.
Summary
In this article , we learned how to configure a local username /password database in the Cisco IOS. We configured our lines ( aux, console , and vty) to use the local database using the login local command. We then used that database for local login authentication . The privilege command can also be used to set privileges for these users. There are many more options for the username and privilege commands . For more information on configuring Cisco IOS usernames, see the Cisco documentation username command reference. Related Articles How How How How to to to to Configure Passwords to Secure your Cisco Router Configure a Cisco Router as a Terminal Server configure Multiple Local GPOs in Windows Vista? configure EIGRP on your Cisco router
Privacy Policy | Site Info | Contact | Advertise 2011 Blue Whale Web Inc. |
http://www.petri.co.il/csc_how_to_configure_local_username_database_cisco_ios.htm
18.10.2011 12:26:34