Comware Based
1748181 Members
3373 Online
108759 Solutions
New Discussion

Re: TACACs locked out of switch - SNMP Set domain default?

 
qos
Advisor

TACACs locked out of switch - SNMP Set domain default?

 

Hi,

 

I forgot to change domain default to new domain and now I'm locked out of the switch. Is it possible to change this using SNMP set operation or change vty to authenticate using a password rather than scheme?

 

domain default enable system
#
hwtacacs scheme test
 primary authentication 1.2.3.4
 primary authorization 1.2.3.4
 primary accounting 1.2.3.4
 nas-ip 192.168.10.1
 key authentication
 key authorization
 key accounting
#
radius scheme system
 primary authentication 127.0.0.1 1645
 primary accounting 127.0.0.1 1646
 user-name-format without-domain
#
domain test
 authentication login hwtacacs-scheme test local
 authorization login hwtacacs-scheme test local
 accounting login hwtacacs-scheme test local
 authorization command hwtacacs-scheme test local
 accounting command hwtacacs-scheme test
 access-limit disable
 state active
 idle-cut disable
 self-service-url disable
domain system
 access-limit disable
 state active
 idle-cut disable
 self-service-url disable
#
user-interface aux 0
 authentication-mode scheme
 command authorization
 command accounting
 idle-timeout 60 0
user-interface aux 1
 authentication-mode scheme
 command authorization
 command accounting
user-interface vty 0 15
 authentication-mode scheme
 command authorization
 command accounting
 protocol inbound ssh

1 REPLY 1
sdide
Respected Contributor

Re: TACACs locked out of switch - SNMP Set domain default?

Hi,

 

just log in using the old domain (the not default one).

 

ssh user@old_domain@fqdn_of_switch

 

Works like a charm.

 

Regards

 

Søren Dideriksen, Network Administrator
Region Midtjylland