EasyManuals Logo
Home>Cisco>Network Router>4500M

Cisco 4500M User Manual

Cisco 4500M
608 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #63 background imageLoading...
Page #63 background image
3-15
Software Configuration Guide—Release 12.2(25)EW
OL-6696-01
Chapter 3 Configuring the Switch for the First Time
Controlling Access to Privileged EXEC Commands
For information on how to display the password or access level configuration, see the “Displaying the
Password, Access Level, and Privilege Level Configuration” section on page 3-17.
Setting TACACS+ Password Protection for Privileged EXEC Mode
For complete information about TACACS+ and RADIUS, refer to these publications:
The “Authentication, Authorization, and Accounting (AAA)” chapter in the Cisco IOS Security
Configuration Guide, Release 12.2, at the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/secur_c/scprt1/index.htm
Cisco IOS Security Command Reference, Release 12.2, at the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/secur_r/index.htm
To set the TACACS+ protocol to determine whether or not a user can access the privileged EXEC mode,
perform this task:
When you set TACACS password protection at the privileged EXEC mode, the enable EXEC command
prompts you for a new username and a new password. This information is then passed to the TACACS+
server for authentication.
If you use extended TACACS, another extension to the older TACACS protocol that provides additional
functionality, it also passes any existing UNIX user identification code to the TACACS+ server.
Extended TACACS provides information about protocol translator and router use. This information is
used in UNIX auditing trails and accounting files.
Note When used without extended TACACS, the enable use-tacacs command allows anyone with a valid
username and password to access the privileged EXEC mode, creating a potential security risk. This
problem occurs because the query resulting from entering the enable command is indistinguishable from
an attempt to log in without extended TACACS.
Encrypting Passwords
Because protocol analyzers can examine packets (and read passwords), you can increase access security
by configuring the Cisco IOS software to encrypt passwords. Encryption prevents the password from
being readable in the configuration file.
To configure the Cisco IOS software to encrypt passwords, perform this task:
Command Purpose
Switch(config)# enable use-tacacs
Sets the TACACS-style user ID and
password-checking mechanism for the privileged
EXEC mode.
Command Purpose
Switch(config)# service password-encryption
Encrypts a password.

Table of Contents

Other manuals for Cisco 4500M

Preview: Command Reference
Command Reference578 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco 4500M and is the answer not in the manual?

Cisco 4500M Specifications

General IconGeneral
BrandCisco
Model4500M
CategoryNetwork Router
LanguageEnglish

Related product manuals