AAA authentication

foreverlearning Member Posts: 24
I configured aaa new-model on the Cisco switch but the AAA server is not yet ready.

I am now locked out of the switch as I don't have a username or password.

What should I do?


  • DCD Member Posts: 465
    You have to do the password recovery or wipe the startup configuration. 
  • TechGromit GSEC, GCIH, GREM, Ontario, NY Member Posts: 2,119
    edited June 22
    So you didn't configure a username and enable password? When I set up a switch, first I set a username/password and enable password.

    Add the commands

    aaa authentication login default group tacacs+ local
    aaa authentication enable default group tacacs+ enable

    This way, if the TACACS server is down or unreachable, the switch will attempt to reach the server 3 or 4 times, then after failing will allow the local account to log on. If the TACACS server is reachable, the local accounts are locked out.

    If you have physical access to the switch, a recovery is pretty simple. If not, you could try to set up a local TACACS server on your computer. After all, if you set up TACACS on the switch you should know the server address and shared key. Should work if you're on the same subnet, but not if it's set for a different one.
    Still searching for the corner in a round room.
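
A pre-deployment check for the lockout described in this thread, as an added example that is not part of any poster's reply: the Python below scans an IOS-style configuration for `aaa new-model` with no local username, method lists with no on-box fallback, and an `enable` fallback with no enable password. The function names, finding strings and sample configs are constructed for illustration, and any method outside `ON_BOX` is assumed to need a reachable server.

```python
import re

ON_BOX = {"local", "local-case", "enable", "line", "none"}  # answered by the switch itself
LOCAL_USER = re.compile(r"^username \S+ .*(secret|password) \S")
ENABLE_PW = re.compile(r"^enable (secret|password) \S")
METHOD_LIST = re.compile(r"^aaa authentication (login|enable) (\S+) (.+)$")

def methods_of(rest):
    """'group tacacs+ local' -> [('tacacs+', True), ('local', False)]; True = needs a server."""
    out, toks = [], rest.split()
    while toks:
        t = toks.pop(0)
        if t == "group" and toks:
            out.append((toks.pop(0), True))   # server group, e.g. tacacs+ or radius
        else:
            out.append((t, t not in ON_BOX))  # assumption: unknown methods are remote
    return out

def audit_aaa(config):
    """Return lockout risks found in the config; an empty list means none were found."""
    lines = [l.strip() for l in config.splitlines()]
    if "aaa new-model" not in lines:
        return []
    has_enable = any(ENABLE_PW.match(l) for l in lines)
    findings = []
    if not any(LOCAL_USER.match(l) for l in lines):
        findings.append("no local username configured")
    for l in lines:
        m = METHOD_LIST.match(l)
        if not m:
            continue
        kind, name, rest = m.groups()
        methods = methods_of(rest)
        if all(remote for _, remote in methods):
            findings.append(f"{kind} list '{name}': no on-box fallback if the server is unreachable")
        if ("enable", False) in methods and not has_enable:
            findings.append(f"{kind} list '{name}': falls back to 'enable' but no enable password is set")
    return findings

# Constructed sample configs; the credentials are placeholders.
LOCKED_OUT = """aaa new-model
aaa authentication login default group tacacs+
"""
SAFE = """username admin privilege 15 secret EXAMPLE-PLACEHOLDER
enable secret EXAMPLE-PLACEHOLDER
aaa new-model
aaa authentication login default group tacacs+ local
aaa authentication enable default group tacacs+ enable
"""
print(audit_aaa(LOCKED_OUT), audit_aaa(SAFE))
```

Running it against a candidate configuration before it is applied to the switch catches the missing local account while console access is still available.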