RE: CISCO Catalyst

To create a user:

Router> enable
Router# conf t
Router(config)# username MYUSER password MYPASSWORD (optionally specify
privilege level)

To log commands issued, you need a TACACS+ or RADIUS server and need to
enable aaa accounting:

Router(config)# aaa new-model
Router(config)# aaa accounting commands 0 MYACCTLIST
Router(config)# aaa accounting commands 15 MYACCTLIST
Router(config)# aaa accounting exec MYACCTLIST
Router(config)# aaa accounting config-commands MYACCTLIST (you may not
have this option)
Router(config)# line vty 0 15
Router(config)# accounting commands 0 MYACCTLIST
Router(config)# accounting commands 15 MYACCTLIST
Router(config)# accounting exec MYACCTLIST
Router(config)# accounting config-commands MYACCTLIST
Router(config)# radius-server host key RADIUSPASSWORD

To specify password options:

Router(config)# security authentication failure rate 3
Router(config)# security password min-length 8

Keep in mind, based on your IOS level, you may or may not have the same
commands/syntax that I do. Just issue a '?' if you get stuck and use
the context-sensitive help.

Hope this helps!

Aaron T. Rohyans
IT Coordinator

-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx]
On Behalf Of pepsdiaz@xxxxxxxxx
Sent: Wednesday, January 23, 2008 4:27 AM
To: security-basics@xxxxxxxxxxxxxxxxx
Subject: CISCO Catalyst

Dear all,

I need to audit a CISCO Catalyst 6509 and 2950. I would like to know, if
you can set up several users in order log their activities on it and how
to do that.
Besides, I would like to know if you can set up password protection
measures like:
- Change password periodically.
- Lenght of password
- Historical of password

Can you set up more than one user role or just the administrator?

Thanks in advance to everybody.

This email has been scanned by the MessageLabs Email Security System.
For more information please visit