Security Basics mailing list archives
Re: credentinals issue in cisco router. please advice all the cisco masters in the list!
From: "Burian, Matthew J. (mjb)" <mjb () burianit com>
Date: Mon, 22 Mar 2010 22:52:01 -0400
I'm thinking you'll want to add the configuration statement "login local" to your telnet interface (line vty 0 4). This will enable telnet authentication against the local user database on the router. Then you can create as many user names and passwords as you want, locally on the router, for administration use. Matt On Sun, Mar 21, 2010 at 1:00 PM, <mzcohen2682 () aim com> wrote:
hi, I am posting here the configuration of the router. I have a strange problem. after configuring vpn so the users of the company can connect throw vpn client to site to the company. suddenly when I want to connect to the router it self throw telnet in order to change router config etc the router prompt me to supply username and password so I need to supply the same username/password for the vpn users ! I want to have a different user/password to connect to the router! what went wrong in the router configuration? thanks a lot ! Marco MARIO>enable Password: MARIO#sh run Building configuration... Current configuration : 4851 bytes ! version 12.3 no service pad service timestamps debug datetime msec service timestamps log datetime msec service password-encryption no service dhcp ! hostname mario ! boot-start-marker boot-end-marker ! logging buffered 4096 debugging enable secret 5 $1$3XXXXXkRQonH.zmpZ3XXX1G0 enable password 7 0111XXXXXXXX800 ! username martin password 7 0XXXXXXXXXX00 aaa new-model ! ! aaa authentication login default local aaa authentication ppp default local aaa authorization network default none aaa session-id common ip subnet-zero ip cef no ip dhcp conflict logging ip dhcp excluded-address 192.168.8.1 192.168.8.100 ! ip dhcp pool pool1 network 192.168.8.0 255.255.255.0 default-router 192.168.8.2 dns-server 20.XXXXXX 192.XXXXX 20.XXXXXX ! ! ip dhcp-server 192.168.8.2 vpdn enable ! vpdn-group 1 ! Default PPTP VPDN group accept-dialin protocol pptp virtual-template 1 ! no ftp-server write-enable ! ! ! ! ! ! ! interface Tunnel8 description Tunel Central ip unnumbered FastEthernet4 ip route-cache flow no ip mroute-cache tunnel source FastEthernet4 tunnel destination 19XXXXXXX ! interface Tunnel351 description Tunel sucursal ip unnumbered FastEthernet4 ip route-cache flow no ip mroute-cache tunnel source FastEthernet4 tunnel destination 20.XXXXXXXXXX ! interface FastEthernet0 no ip address ! interface FastEthernet1 no ip address ! interface FastEthernet2 no ip address ! interface FastEthernet3 no ip address ! interface FastEthernet4 ip address 22.XXXXXXXX 255.255.255.252 ip access-group 110 in no ip unreachables no ip proxy-arp ip nat outside ip virtual-reassembly duplex auto speed auto ! interface Virtual-Template1 ip unnumbered FastEthernet4 peer default ip address pool gruPTP no keepalive ppp authentication ms-chap ms-chap-v2 ! interface Vlan1 ip address 192.XXXXX 255.255.255.0 ip access-group 111 in ip nat inside ip virtual-reassembly ip route-cache flow ! ip local pool grupoIPclientePPTP 192.168.XXXXX 192.168.XXXXXX ip default-gateway 20XXXXXX ip classless ip route 0.0.0.0 0.0.0.0 204.60.72.194 ip route 192.168.0.0 255.255.0.0 Tunnel8 ip route 192.168.1.0 255.255.255.0 Tunnel8 ip route 192.168.5.0 255.255.255.0 Tunnel8 ip route 192.168.8.0 255.255.255.0 Vlan1 ip route 192.168.81.0 255.255.255.0 Tunnel351 ! no ip http server no ip http secure-server ip nat pool traduccion 204XXXXXXXXX 20XXXXXXXX netmask 255.255.255.252 ip nat inside source list 100 pool traduccion overload ip nat inside source static tcp 192.168.8.7 25 20XXXXXXXXX 25 extendable ip nat inside source static tcp 192.168.8.7 80 20.XXXXXXXX 80 extendable ip nat inside source static tcp 192.168.8.7 110 20.XXXXXXXXX 110 extendable ip nat inside source static tcp 192.168.8.7 143 20.XXXXXXX 143 extendable ip nat inside source static tcp 192.168.8.7 5900 20.XXXXXXXXXXXXX 6007 extendable ! access-list 100 permit ip 192.168.8.0 0.0.0.255 any access-list 110 permit ip 192.168.0.0 0.0.255.255 any access-list 110 permit ip 19XXXXXXXX 0.0.31.255 any a access-list 110 permit gre host 20.xxxxxxxx host 20.xxxxxxxxxxx access-list 111 permit ip any any ! control-plane ! ! line con 0 no modem enable transport preferred all transport output all line aux 0 transport preferred all transport output all line vty 0 4 password 7 105C060C111200535B55 transport preferred all transport input all transport output all ! scheduler max-task-time 5000 end mARIO# ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- credentinals issue in cisco router. please advice all the cisco masters in the list! mzcohen2682 (Mar 22)
- Re: credentinals issue in cisco router. please advice all the cisco masters in the list! Burian, Matthew J. (mjb) (Mar 24)