Guest

Preview Tool

Cisco Bug: CSCuq19929 - ASR9000v config is missing "privilege level 15" command under "line vty"

Last Modified

Feb 03, 2017

Products (1)

  • Cisco ASR 9000 Series Aggregation Services Routers

Known Affected Releases

4.3(1)

Description (partial)

Symptom:
ASR9000v hasn't "privilege level 15" command under "line vty" section:

- working ASR900v:

line vty 0 4
  privilege level 15
  no login
!

- affected router:

line vty 0 4
  no login
!

If NV satellite is configured with "secret" then "login local" is configured:

nv
  satellite 562
   type asr9000v
   secret very_secure_password
   ipv4 address 1.5.6.2
  !

line vty 0 4
  login local
  length 0
!

Symptoms:

1. with "secret" there is no difference in behavior:
User logs on 9000v via telnet, enters root credentials and is in enable 15 mode by default

2. Without "secret":
- working: user logs on 9000v via telnet without password and is in enable 15 mode by default
- failing: user logs on 9000v via telnet without password and is in unprivileged mode, enable command doesn't work:

RP/0/RSP0/CPU0:ASR-9K#telnet vrf Satelliten-Management 1.5.6.2
Trying 1.5.6.2...
Connected to 1.5.6.2.
Escape character is '^^'.
LC:Satellite>	<= not in enable mode
LC:Satellite>
LC:Satellite>en
% No password set 	<= enable mode not possible

Conditions:
New ASR9000v router
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.