436
Chapter 11
Access Policies
(config)#exit
#exit
CLI session with the switch is now closed.
Press any key to continue.
At this point, you can press Enter and test your passwords. You will be
prompted for a usermode password after you press K and then an enable
mode password after you type enable. Remember that the enable secret
password always supercedes an enable password. On a CLI-based switch,
use the enable secret command, just as you would with any router:
(config)#enable secret sanfran
You can use a show running-config to see the current configuration on
the switch:
#sh run
Building configuration...
Current configuration:
enable secret 5 $1$FMFQ$wFVYVLYn2aXscfB3J95.w.
enable password level 1 "TODD"
enable password level 15 "TODD1"
Notice that the enable mode passwords are not encrypted by default, but
the enable secret is. This is the same password configuration technique that
you will find on a router. The passwords are not case sensitive.
You can set the session time-out on a CLI-based switch with the time-
out
command under the line console:
(config)#line console
(config)#time-out 300
The time-out command is set in seconds (300 seconds is 5 minutes).
Setting Passwords on a Set-Based Switch
To configure the usermode and privilege mode passwords on a set-based
switch, use the command set password for the usermode password and the
command set enablepass for the enable password.
Copyright ©2000 SYBEX , Inc., Alameda, CA
www.sybex.com