206
Chapter 4
Introduction to the Cisco IOS
Use-tacacs Tells the router to authenticate through a TACACS server.
It's convenient if you have dozens or even hundreds of routers, because,
well, would you like to change the password on 200 routers? If you go
through the TACACS server, you only have to change the password once.
Router(config)#enable secret todd
Router(config)#enable password todd
The enable password you have chosen is the same as your
enable secret. This is not recommended. Re-enter the
enable password.
If you try and set the enable secret and enable passwords the same, the router
will give you a nice, polite warning to change the second password. If you don't
have older legacy routers, don't even bother to use the enable password.
User-mode passwords are assigned by using the line command:
Router(config)#line ?
<0-4> First Line number
aux Auxiliary line
console Primary terminal line
vty Virtual terminal
Aux Sets the user-mode password for the auxiliary port. It's usually
used for configuring a modem on the router, but it can be used as a con-
sole as well.
Console Sets a console user-mode password.
Vty Sets a Telnet password on the router. If this password isn't set, then
Telnet can't be used by default.
To configure the user-mode passwords, you configure the line you want
and use either the login or no login command to tell the router to prompt
for authentication. The next section will provide a line-by-line example of
each line configuration.
Auxiliary Password
To configure the auxiliary password, go into global configuration mode and
type line aux ?. You can see that you only get a choice of 00. That's
because there's only one port:
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com