Howto Setup Cisco Router Enable Password

 Network  Add comments
Nov 142007
 

    There are five passwords used to secure your Cisco routers: console, auxiliary, telnet (VTY),enable password, and enable secret. Just as you learned earlier in the chapter, the first two passwords are used to set your enable password that’s used to secure privileged mode. This will prompt a user for a password when the enable command is used. The other three are used to configure a password when user mode is accessed either through the console port, through the auxiliary port, or via Telnet.

    Setup Enable Passwords

    You set the enable passwords from global configuration mode like this

    Router(config)#enable ?

    last-resort -- Define enable action if no TACACS servers respond

    password -- Assign the privileged level password

    secret -- Assign the privileged level secret

    use-tacacs -- Use TACACS to check enable passwords

    The following points describe the enable password parameters

    Last-resort -- Allows you to still enter the router if you set up authentication through a TACACS
    server and it’s not available. But it isn’t used if the TACACS server is working.

    Password -- Sets the enable password on older, pre-10.3 systems, and isn’t ever used if an enable
    secret is set.

    Secret -- Is the newer, encrypted password that overrides the enable password if it’s set.

    Use-tacacs -- This tells the router to authenticate through a TACACS server. It’s convenient if you
    have anywhere from a dozen to multitudes of routers.

    Here’s an example of setting the enable passwords

    Router(config)#enable secret admin

    Router(config)#enable password admin

    The enable password you have chosen is the same as your enable secret. This is not recommended. Re-enter the enable password.

    If you try to set the enable secret and enable passwords the same, the router will give you a nice, polite warning to change the second password. If you don’t have older legacy routers,don’t even bother to use the enable password.

    Related content:

    1. Howto Setup Cisco Router Auxiliary,Console and Telnet Passwords
    2. Howto Recover Cisco Router Password
    3. How to configure TACACS to work with the Juniper/Netscreen firewall
    4. How do I reset the enable password on the Bluecoat ProxySG
    5. Enable and Disable Ubuntu Root Password

    Incoming search terms:

       Posted by at 1:00 pm
      • francis

        Cisco 2821

        When i log into it using telnet i log in and its automatically logged in on enable mode.

        How can i make it so i can have the the normal prompt and then if i type enable it will ask for pass and then enter config.

      • helper

        To set a password ona router where you log in by telnet do:
        - go to the enable mode (type “enable”)
        - go to global configuration (type “config”)
        - pick a line which is used by telnet connection (type “line vty 0 4″ or “line vty 0 15″)
        - type “login”
        _ type “password YOUR_PASSWORD”
        From now on when you log into this router using telnet you will by asked for a password

      • suresh

        on basic configuration i given ip for interface and given line vty password, but forgotton togive enable password on giving remote access.
        is there any possibility to give password on remotely?. if there how?
        pls explain me.

      • rayudu

        how to enable routers through ssh any idea and commands ragarding this

      QR Code Business Card