Telnet Lgoin

dazl1212

Hi guys,
When using the "Login Local" command in Telnet do you still need to set a specific telnet password?
Sorry for the misspelling in the thread title

xXErebuS

No but you need a local username / password.

dazl1212

Odd I did it in Packet Tracer and it didn't work till I set a password on the Line VTY 0 14

dazl1212

weird it worked when I left it for a while and typed login local again

theodoxa

1. Router>en
2. Router#config t
3. Router(config)#user admin secret password
4. Router(config)#line vty 0 15
5. Router(config-line)#trans in ssh
6. Router(config-line)#login local
7. Router(config-line)#end
8. Router#wr

1. Enters Enable/Priviledged Mode
2. Enters Global Configuration Mode
3. Creates a User "admin" with a Password "password" that is stored encrypted (with I believe MD5). You could also type user admin password password if you want the password to remain unencrypted.
4. Enters Line Configuration Mode
5. Allows only SSH Connections. Use trans in telnet or trans in telnet ssh if you would prefer to only allow Telnet (some IOS images don't support SSH, making Telnet the only option until you upgrade the IOS) or allow both.
6. [EDIT] Uses a Local User Account
7. Returns to Enable/Priviledged Mode
8. Saves Your Configuration to NVRAM

Zartanasaurus

login - Use the password configured under line config mode.
login local - Consult the local username database configured in global config mode.

gregorio323

theodoxa wrote: »

1. Router>en
2. Router#config t
3. Router(config)#user admin secret password
4. Router(config)#line vty 0 15
5. Router(config-line)#trans in ssh
6. Router(config-line)#login local
7. Router(config-line)#end
8. Router#wr

1. Enters Enable/Priviledged Mode
2. Enters Global Configuration Mode
3. Creates a User "admin" with a Password "password" that is stored encrypted (with I believe MD5). You could also type user admin password password if you want the password to remain unencrypted.
4. Enters Line Configuration Mode
5. Allows only SSH Connections. Use trans in telnet or trans in telnet ssh if you would prefer to only allow Telnet (some IOS images don't support SSH, making Telnet the only option until you upgrade the IOS) or allow both.
6. Uses Local AAA Authentication [or at least that is how I understood it from Lammle's book.]
7. Returns to Enable/Priviledged Mode
8. Saves Your Configuration to NVRAM

On step 6. It uses local user accounts that were created by the "username" statement. For AAA authentication you need to enable 'aaa new-model' in global config. In addition to take a different authentication method than the default you would use under the line configuration 'login authentication <name of aaa authentication>/Default'

theodoxa

gregorio323 wrote: »

On step 6. It uses local user accounts that were created by the "username" statement.

That's what I had thought (just a local user account), but then I had read something about how a router could act as both the Authentication Server and Authenticator to perform AAA without the need for a separate [TACACS+ or RADIUS] server and that had me wondering.

dazl1212

Thanks dude s I think its a problem with PT to be honest. The -ssh command in the clients doesn't work either

dazl1212

I am working my way through the CTN ebook on PT and on Lab 4 I have set everything up as it says in the book. Configured the IP hosts on each router etc...
I can telnet from one Router to the next using the hostname (E.g telnet Cbuilding1) but if I try to telnet from a PC to a router it comes up with a host not found error. I have set up the IP settings of the PC and set the DNS server as Router 1.
I have no idea why its not working, any ideas?

gregorio323

theodoxa wrote: »

That's what I had thought (just a local user account), but then I had read something about how a router could act as both the Authentication Server and Authenticator to perform AAA without the need for a separate [TACACS+ or RADIUS] server and that had me wondering.

Are you talking about 'views' configured on a Cisco Router?