Skip navigation
Login   |   Register
Cisco Learning Home > CCNA Security Study Group > Discussions
3449 Views 12 Replies Latest reply: Apr 18, 2014 7:46 AM by Sandeep RSS

Currently Being Moderated

security authentication failure rate - not working for me?

Feb 18, 2012 4:09 PM

Joshua Johnson - CCNP R&S 6,067 posts since
Sep 22, 2009

Hey all,

 

I'm using a 3725 router testing out the security authentication failure rate 3 log command and I'm not sure how to get it to work.

 

I tried telneting to the router and purposely failing the login may times (over 3) and it's not delaying for 15 seconds.

I've also tried failing the console login several times and still no delay.

 

Can someone explain how this feature works and tell me what I'm doing wrong please?

 

Here's my router config just for reference...

 

 

ISP1#show run
Building configuration...

 

Current configuration : 1666 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ISP1
!
boot-start-marker
boot-end-marker
!
security authentication failure rate 3 log
enable secret 5 $1$Uh8C$zXKvhjpWBSlmB2bxu1rXQ.
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
!
!
!        
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
archive
log config
  hidekeys
!
!
!
!
!
!
!
!
interface Loopback0
ip address 11.11.11.11 255.255.255.255
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0
ip address 192.168.1.2 255.255.255.252
clock rate 2000000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
no ip address
shutdown
clock rate 2000000
!
interface Serial0/2
no ip address
shutdown
clock rate 2000000
!
interface Serial0/3
no ip address
shutdown
clock rate 2000000
!
interface FastEthernet1/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet2/0
no ip address
shutdown
duplex auto
speed auto
!
router bgp 2
no synchronization
bgp router-id 2.2.2.2
bgp log-neighbor-changes
network 11.11.11.11 mask 255.255.255.255
network 192.168.1.0 mask 255.255.255.252
neighbor 192.168.1.1 remote-as 1
neighbor 192.168.1.1 password 5 cisco
no auto-summary
!
ip forward-protocol nd
!
!
ip http server
no ip http secure-server
!
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
password cisco
logging synchronous
login   
line aux 0
line vty 0 4
password cisco
logging synchronous
login
line vty 5 15
password cisco
logging synchronous
login
!
!
end

 

ISP1#

Actions

More Like This

  • Retrieving data ...

Bookmarked By (1)