3 Replies Latest reply: May 30, 2015 6:47 AM by Meran RSS

    Router wont let me in!

    Amos

      Hi guys.

       

      I have an issue om my hands. My boss asked me to change the passwords

      on our network RTR's,

      I logged into the 1st one and removed the enable password (no enable password............)

      and copied to memory (wr) i got distracted for a while and found the RTR had kicked me out

      so i telnetted back in, entered the password, next i typed enable and this is the error

      i get

      cisco4-Bk>en

      % No password set,

       

      what can I do please?

       

      on the other RTR i have successfuly changed the passwords but the enable password wont

      take effect and is directing me straight to the privelledged exec mode instead of asking me

      for the password first! Im puzzled!

        • 1. Re: Router wont let me in!
          Keith Barker - CCIE RS/Security, CISSP

          Hello Amos-

           

          On the routers that take you directly into privileged mode, I am assumining that is when you are using telnet.   It is likely this is in place:


          line vty 0 4

          privilege level 15

           

          A password for telnet may or may not be required, but when you connect, it immediately puts you at privileged mode (which is level 15).     To correct just this part of it, use this:

           

          conf t

          line vty 0 4

          no privilege level 15

          end

           

          Now, when you connect to this router, (and place a password if required for the telnet session), it will place you at the default privilege level 1 (user mode), and then the user can type in enable and use the enable password/secret to get into privileged mode.

           

          Before you exit this router being configured, make sure there is an enable secret set.   On the first router you mentioned, that is what the problem seems to be.     The router doesn't want to allow a telnet user to move into privileged mode (when using telnet), if there is no enable password/secret set.   On that router, if you connect to the console port, it should allow you to go into privileged mode, and then you can set the enable secret/password.   Once set, the telnet should allow the users connected via telnet to type in enable, and move from user mode to privileged mode.

           

          Best wishes,

           

          Keith

          • 2. Re: Router wont let me in!
            Amos

            Thank you so much Keith, I have set my priv level to 15 meaning the router will take me directly to exec mode due to the highness of the privellege 15. i lowered it to no privellege and it is performing as i want it to.

            On the other one, am sure you are right too only its a remote site and i have to travel there to console in.

             

            thank you once again!

            • 3. Re: Router wont let me in!
              Meran

              Thank you,, the post is very very helpfull!