Debian Admin

Debian/Ubuntu Linux System Administration Tutorials,Howtos,Tips

  • RSS Subscribe

    subscribe to the Debian Admin RSS feed

  • Sponsors



  • Categories

  • Sponsors

  • Support DebianAdmin

    Amount $:
    Website(Optional):


  • Meta

  • Archives



« Howto setup cisco router Hostnames
Quick PDF sorting and searching: SWISH++ »

Howto Setup Cisco Router Enable Password

Posted by Admin on November 14th, 2007

If you're new here, you may want to subscribe to my RSS feed. Thanks for visiting!

There are five passwords used to secure your Cisco routers: console, auxiliary, telnet (VTY),enable password, and enable secret. Just as you learned earlier in the chapter, the first two passwords are used to set your enable password that’s used to secure privileged mode. This will prompt a user for a password when the enable command is used. The other three are used to configure a password when user mode is accessed either through the console port, through the auxiliary port, or via Telnet.

Setup Enable Passwords

You set the enable passwords from global configuration mode like this

Router(config)#enable ?

last-resort – Define enable action if no TACACS servers respond

password – Assign the privileged level password

secret – Assign the privileged level secret

use-tacacs – Use TACACS to check enable passwords

The following points describe the enable password parameters

Last-resort – Allows you to still enter the router if you set up authentication through a TACACS
server and it’s not available. But it isn’t used if the TACACS server is working.

Password – Sets the enable password on older, pre-10.3 systems, and isn’t ever used if an enable
secret is set.

Secret – Is the newer, encrypted password that overrides the enable password if it’s set.

Use-tacacs – This tells the router to authenticate through a TACACS server. It’s convenient if you
have anywhere from a dozen to multitudes of routers.

Here’s an example of setting the enable passwords

Router(config)#enable secret admin

Router(config)#enable password admin

The enable password you have chosen is the same as your enable secret. This is not recommended. Re-enter the enable password.

If you try to set the enable secret and enable passwords the same, the router will give you a nice, polite warning to change the second password. If you don’t have older legacy routers,don’t even bother to use the enable password.

  • Share/Bookmark

You can leave a response, or trackback from your own site.

2 Responses to “Howto Setup Cisco Router Enable Password”

  1. francis Says:
    May 9th, 2008 at 5:32 pm

    Cisco 2821

    When i log into it using telnet i log in and its automatically logged in on enable mode.

    How can i make it so i can have the the normal prompt and then if i type enable it will ask for pass and then enter config.

  2. helper Says:
    May 25th, 2009 at 9:38 pm

    To set a password ona router where you log in by telnet do:
    - go to the enable mode (type “enable”)
    - go to global configuration (type “config”)
    - pick a line which is used by telnet connection (type “line vty 0 4″ or “line vty 0 15″)
    - type “login”
    _ type “password YOUR_PASSWORD”
    From now on when you log into this router using telnet you will by asked for a password

Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

« Howto setup cisco router Hostnames
Quick PDF sorting and searching: SWISH++ »