Enable password & Enable Secret

Sa'adSa'ad Member Posts: 150 ■■■□□□□□□□
Hello Fellows, I'm configuring a 1912 and 2950 switches using Boson's Netsim for CCNA. I'm doing chapter 7 of sybex 5, Todd says the enable password and enable secret must be different on the 2950 switch, but I was able to set the same password and didn't get any errors, is this a bug in netsim or is Todd wrong?

The other error I encountered is when setting the line passwords on a 2950 switch.

switch(config)#line vty 0 15
switch(config-line)#login (when I hit enter from here I get error saying "login is disabled on line 0 until password is set" is this a netsim error? because following Todd's example in the book after he goes to the next line he sets the password as follows and doesn't mention any error.
switch(config-line)#password telnet

However I was able to setup the line passwords as follows.

switch(config)#line vty 0 15
switch(config-line)#password whatever
swtich(config-line)#login

But I couldn't do it like Todd did and do the login first then the password.

This might be quite confusing but whoever reads through this with patience and responds with some confirmation is really appreciated in advance, Thank you much.!
INE v4 volume 1

Comments

  • optimusoptimus Member Posts: 183
    I hate to say it, but as much as I like the Lammel book, it does have obvious errors (unless I am mistaken of course). For instance the 2950 switch must use the 'VLAN DATABASE' command in order for you to set up the VLAN. However, Todd icon_shaking.gif just goes ahead on, and between pages 410-420 if you try to do what he is saying, you will be knocking you head against the Netsim crash.gif (I also have it), because it doesn't work. I don't know what he was thinking when he was writing that part of the book. icon_scratch.gif The Odum book is correct though, and shows you how to use VLAN DATABASE with a 2950. :D So don't always believe there is something up with Netsim, when in fact, it is the book that is not right!

    0ptimus icon_thumright.gif
  • determinedgermandeterminedgerman Member Posts: 168
    Alright,

    Here is to your first error:

    Cisco recommends to use different passwords for the enable password and the secret password for the obvious reason that if the enable password is compromised you still have another layer of security. I am pretty sure that you do not have to have two different passwords. you can use one for the enable password and the same for the secret password.

    Second error:

    Again here you have to set a Telnet password. If you set login on the VTY line you have to configure a password on it with the password command. Now you can also use the "login local" command but only if you have set up a username and password for the user. You can prevent logins on any line by using the login command and then use the no password command. That will prevent anyone to log into the router via that line.

    Hope this helps....
  • Sa'adSa'ad Member Posts: 150 ■■■□□□□□□□
    Thanks to both of you I guess I need to start reading the Odom books. I'm using the sybex as an Introduction kind of because it is much easier to understand, I have the odom books as well which I'll be reading and practicing the labs right after finishing the sybex. Thanks guys!
    INE v4 volume 1
  • optimusoptimus Member Posts: 183
    Don't get me wrong, I like the Lammel book also. And in fact - YOU PROBABLY NEED IT IF YOU WANT TO PASS! :o Use both books. Both compliment each other for what the other has/doesn't have and both have strengths/weaknesses. As you learn more about the CCNA, you will discover what those are for yourself. And if you haven't then you are not ready to take the CCNA.

    0ptimus icon_thumright.gif
  • SVSV Member Posts: 166
    "Todd says the enable password and enable secret must be different on the 2950 switch"

    What Todd said was that it is not advisable to have the same password. If both the password are the same then whats the use of the secret?

    Even I used the Router Sim and the same book. I believe the book is good to a great extend excluding the WAN section. But let me tell you that its really hard to clear the paper just with Todd's book.
    Life is a journey...
  • Sa'adSa'ad Member Posts: 150 ■■■□□□□□□□
    Thanks for your help SV, I got both the Sybex and Cisco press books by Odom.

    But in the sybex book Todd does not only say you can't use the same password on the 2950 but even shows an error generated when he himself tried to setup the same enable and secret passowrd on his switch and he has that in the book. Refer to page 366 on sybex 5 he says it must be different he doesn't say it is recommended.
    INE v4 volume 1
  • garv221garv221 Member Posts: 1,914
    enable secret.

    Then:

    (config)#line console 0
    (config-line)#password <console password>
    (config-line)#login
    (config)#line vty 0 4
    (config-line)#password <telnet password>
    (config-line)#login
Sign In or Register to comment.