- Community Home
- >
- Networking
- >
- Legacy
- >
- Switching and Routing
- >
- Re: Not able to restrict for console access
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-05-2020 05:41 AM
11-05-2020 05:41 AM
Hi Team,
we have enable SSH and console access configuration on HPE Router 6802 but remote access is working find with SSH but not asking login credentials while connect with console. Could you suggest on this.
=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2020.11.05 18:23:19 =~=~=~=~=~=~=~=~=~=~=~=
dis
[A2 & B2 Rack-6802Router]display cur
[A2 & B2 Rack-6802Router]display current-configuration
#
version 7.1.064, Release 7809P20
#
mdc Admin id 1
#
sysname A2 & B2 Rack-6802Router
#
irf mac-address persistent always
irf auto-update enable
irf auto-merge enable
undo irf link-delay
irf member 1 priority 1
irf member 2 priority 1
#
password-recovery enable
#
vlan 1
#
irf-port 1/1
port group interface Ten-GigabitEthernet1/2/0/22 mode enhanced
port group interface Ten-GigabitEthernet1/2/0/23 mode enhanced
#
irf-port 2/2
---- More ---- port group interface Ten-GigabitEthernet2/2/0/22 mode enhanced
port group interface Ten-GigabitEthernet2/2/0/23 mode enhanced
#
interface Route-Aggregation10
description *** Uplink towards A1-Rack 5900 switch ***
ip address 172.17.55.9 255.255.255.192
link-aggregation mode dynamic
mad enable
#
interface NULL0
#
interface GigabitEthernet1/2/0/0
port link-mode route
#
interface GigabitEthernet1/2/0/1
port link-mode route
#
interface GigabitEthernet1/2/0/2
port link-mode route
#
interface GigabitEthernet1/2/0/3
port link-mode route
#
---- More ---- interface GigabitEthernet1/2/0/4
port link-mode route
#
interface GigabitEthernet1/2/0/5
port link-mode route
#
interface GigabitEthernet1/2/0/6
port link-mode route
#
interface GigabitEthernet1/2/0/7
port link-mode route
#
interface GigabitEthernet1/2/0/8
port link-mode route
#
interface GigabitEthernet1/2/0/9
port link-mode route
#
interface GigabitEthernet1/2/0/10
port link-mode route
#
interface GigabitEthernet1/2/0/11
port link-mode route
---- More ---- #
interface GigabitEthernet1/2/0/12
port link-mode route
#
interface GigabitEthernet1/2/0/13
port link-mode route
#
interface GigabitEthernet1/2/0/14
port link-mode route
#
interface GigabitEthernet1/2/0/15
port link-mode route
#
interface GigabitEthernet1/2/0/16
port link-mode route
#
interface GigabitEthernet1/2/0/17
port link-mode route
#
interface GigabitEthernet1/2/0/18
port link-mode route
#
interface GigabitEthernet1/2/0/19
---- More ---- port link-mode route
#
interface GigabitEthernet1/2/0/20
port link-mode route
description *** Uplink towards A1-Rack 5900sw1 ***
port link-aggregation group 10
#
interface GigabitEthernet1/2/0/21
port link-mode route
description *** Uplonk towards A1-Rack 5900sw2 ***
port link-aggregation group 10
#
interface GigabitEthernet1/3/0/0
port link-mode route
#
interface GigabitEthernet1/3/0/1
port link-mode route
#
interface GigabitEthernet1/3/0/2
port link-mode route
#
interface GigabitEthernet1/3/0/3
port link-mode route
---- More ---- #
interface GigabitEthernet1/3/0/4
port link-mode route
#
interface GigabitEthernet1/3/0/5
port link-mode route
#
interface GigabitEthernet1/3/0/6
port link-mode route
#
interface GigabitEthernet1/3/0/7
port link-mode route
#
interface GigabitEthernet1/3/0/8
port link-mode route
#
interface GigabitEthernet1/3/0/9
port link-mode route
#
interface GigabitEthernet1/3/0/10
port link-mode route
#
interface GigabitEthernet1/3/0/11
---- More ---- port link-mode route
#
interface GigabitEthernet1/3/0/12
port link-mode route
#
interface GigabitEthernet1/3/0/13
port link-mode route
#
interface GigabitEthernet1/3/0/14
port link-mode route
#
interface GigabitEthernet1/3/0/15
port link-mode route
#
interface GigabitEthernet1/3/0/16
port link-mode route
#
interface GigabitEthernet1/3/0/17
port link-mode route
#
interface GigabitEthernet1/3/0/18
port link-mode route
#
---- More ---- interface GigabitEthernet1/3/0/19
port link-mode route
#
interface GigabitEthernet1/3/0/20
port link-mode route
description *** Uplonk towards A1-Rack 5900sw1 ***
port link-aggregation group 10
#
interface GigabitEthernet1/3/0/21
port link-mode route
description *** Uplonk towards A1-Rack 5900sw2 ***
port link-aggregation group 10
#
interface GigabitEthernet2/2/0/0
port link-mode route
#
interface GigabitEthernet2/2/0/1
port link-mode route
#
interface GigabitEthernet2/2/0/2
port link-mode route
#
interface GigabitEthernet2/2/0/3
---- More ---- port link-mode route
#
interface GigabitEthernet2/2/0/4
port link-mode route
#
interface GigabitEthernet2/2/0/5
port link-mode route
#
interface GigabitEthernet2/2/0/6
port link-mode route
#
interface GigabitEthernet2/2/0/7
port link-mode route
#
interface GigabitEthernet2/2/0/8
port link-mode route
#
interface GigabitEthernet2/2/0/9
port link-mode route
#
interface GigabitEthernet2/2/0/10
port link-mode route
#
---- More ---- interface GigabitEthernet2/2/0/11
port link-mode route
#
interface GigabitEthernet2/2/0/12
port link-mode route
#
interface GigabitEthernet2/2/0/13
port link-mode route
#
interface GigabitEthernet2/2/0/14
port link-mode route
#
interface GigabitEthernet2/2/0/15
port link-mode route
#
interface GigabitEthernet2/2/0/16
port link-mode route
#
interface GigabitEthernet2/2/0/17
port link-mode route
#
interface GigabitEthernet2/2/0/18
port link-mode route
---- More ---- #
interface GigabitEthernet2/2/0/19
port link-mode route
#
interface GigabitEthernet2/2/0/20
port link-mode route
description *** Uplonk towards A1-Rack 5900sw1 ***
port link-aggregation group 10
#
interface GigabitEthernet2/2/0/21
port link-mode route
description *** Uplonk towards A1-Rack 5900sw2 ***
port link-aggregation group 10
#
interface GigabitEthernet2/3/0/0
port link-mode route
#
interface GigabitEthernet2/3/0/1
port link-mode route
#
interface GigabitEthernet2/3/0/2
port link-mode route
#
---- More ---- interface GigabitEthernet2/3/0/3
port link-mode route
#
interface GigabitEthernet2/3/0/4
port link-mode route
#
interface GigabitEthernet2/3/0/5
port link-mode route
#
interface GigabitEthernet2/3/0/6
port link-mode route
#
interface GigabitEthernet2/3/0/7
port link-mode route
#
interface GigabitEthernet2/3/0/8
port link-mode route
#
interface GigabitEthernet2/3/0/9
port link-mode route
#
interface GigabitEthernet2/3/0/10
port link-mode route
---- More ---- #
interface GigabitEthernet2/3/0/11
port link-mode route
#
interface GigabitEthernet2/3/0/12
port link-mode route
#
interface GigabitEthernet2/3/0/13
port link-mode route
#
interface GigabitEthernet2/3/0/14
port link-mode route
#
interface GigabitEthernet2/3/0/15
port link-mode route
#
interface GigabitEthernet2/3/0/16
port link-mode route
#
interface GigabitEthernet2/3/0/17
port link-mode route
#
interface GigabitEthernet2/3/0/18
---- More ---- port link-mode route
#
interface GigabitEthernet2/3/0/19
port link-mode route
#
interface GigabitEthernet2/3/0/20
port link-mode route
description *** Uplonk towards A1-Rack 5900sw1 ***
port link-aggregation group 10
#
interface GigabitEthernet2/3/0/21
port link-mode route
description *** Uplonk towards A1-Rack 5900sw2 ***
port link-aggregation group 10
#
interface M-GigabitEthernet1/0/0/0
#
interface Ten-GigabitEthernet1/3/0/23
port link-mode route
#
interface Ten-GigabitEthernet2/3/0/22
port link-mode route
#
---- More ---- interface Ten-GigabitEthernet2/3/0/23
port link-mode route
#
interface Ten-GigabitEthernet1/3/0/22
port link-mode bridge
#
interface Ten-GigabitEthernet1/2/0/22
description *** HA ***
#
interface Ten-GigabitEthernet1/2/0/23
description *** HA ***
#
interface Ten-GigabitEthernet2/2/0/22
description *** HA ***
#
interface Ten-GigabitEthernet2/2/0/23
description *** HA ***
#
scheduler logfile size 16
#
line class aux
authentication-mode scheme
user-role network-admin
---- More ---- #
line class console
user-role network-admin
#
line class vty
user-role network-operator
#
line aux 1/0
user-role network-admin
#
line aux 2/0
user-role network-admin
#
line con 1/0
user-role network-admin
#
line con 2/0
user-role network-admin
#
line vty 0 4
authentication-mode scheme
user-role network-operator
protocol inbound ssh
---- More ---- #
line vty 5 63
user-role network-operator
#
ip route-static 0.0.0.0 0 172.17.55.1
ip route-static 172.17.57.0 24 172.17.55.1
#
ssh server enable
#
domain system
#
domain default enable system
#
role name level-0
description Predefined level-0 role
#
role name level-1
description Predefined level-1 role
#
role name level-2
description Predefined level-2 role
#
role name level-3
---- More ---- description Predefined level-3 role
#
role name level-4
description Predefined level-4 role
#
role name level-5
description Predefined level-5 role
#
role name level-6
description Predefined level-6 role
#
role name level-7
description Predefined level-7 role
#
role name level-8
description Predefined level-8 role
#
role name level-9
description Predefined level-9 role
#
role name level-10
description Predefined level-10 role
#
---- More ---- role name level-11
description Predefined level-11 role
#
role name level-12
description Predefined level-12 role
#
role name level-13
description Predefined level-13 role
#
role name level-14
description Predefined level-14 role
#
user-group system
#
local-user admin class manage
password hash $h$6$pLFzaXLVKzoiwPpf$1pRJKT00KTlNq2MMjDgr6zTeNfSP/u6VhUINhLqqqFa3CKMuu4DTF5JJqE5yLBbmvkwOg1YmGGhXyy8Y4NzIng==
service-type ssh telnet terminal
authorization-attribute user-role network-admin
authorization-attribute user-role network-operator
#
public-key peer 172.17.55.8
public-key-code begin
30819F300D06092A864886F70D010101050003818D0030818902818100BCF4F9F09B26FCC0
---- More ---- D7E0A27A7A3A46B3C7FF570788AB1CF7BC78813D0FE7C0814378B776220CCC69E4D0A8AC8F
97A7216621E9CE79DC0B4FA5F7B7E905F5F52E941B346BDD897A60377B5D0A2828981F95AA
74DFDA978F329EF77D3A3C96F1D7777BB34A415ACFE75765DB5648A7D36D68895BBD3B1C96
36DEADF1B3E8FD2FE50203010001
public-key-code end
peer-public-key end
#
return
[A2 & B2 Rack-6802Router] dis
[A2 & B2 Rack-6802Router]display version
HPE Comware Software, Version 7.1.064, Release 7809P20
Copyright (c) 2010-2020 Hewlett Packard Enterprise Development LP
HPE HSR6802 uptime is 0 weeks, 0 days, 0 hours, 7 minutes
Last reboot reason : User reboot
Boot image: cfa0:/HSR6800-CMW710-BOOT-R7809P20.bin
Boot image version: 7.1.064, Release 7809P20
Compiled Jun 11 2020 16:00:00
System image: cfa0:/HSR6800-CMW710-SYSTEM-R7809P20.bin
System image version: 7.1.064, Release 7809P20
Compiled Jun 11 2020 16:00:00
Slot 1/0: RT-RSE-X3 uptime is 0 week, 0 day, 0 hour, 7 minutes
Last reboot reason : User reboot
CPU type: FREESCALE P2020 1000MHz
4096M bytes DDR3 SDRAM Memory
8M bytes Flash Memory
128K bytes NVRAM
PCB Version: Ver.B
Basic Logic Version: 3.0
Extend Logic Version: 2.0
Basic BootWare Version: 2.07
Extend BootWare Version: 2.07
[FIXED PORTS] Console (Hardware)Ver.B, (Driver)1.0, (Cpld)2.0
---- More ---- [FIXED PORTS] AUX (Hardware)Ver.B, (Driver)1.0, (Cpld)2.0
[FIXED PORTS] MGE (Hardware)Ver.B, (Driver)1.0, (Cpld)2.0
Slot 1/2: RT-FIP-380 uptime is 0 week, 0 day, 0 hour, 5 minutes
Last reboot reason : Power on
CPU ID: 11
8192M bytes DDR4 SDRAM Memory
8M bytes Flash Memory
128K bytes NVRAM
PCB Version: Ver.B
Basic Logic Version: 2.0
Extend Logic Version: 1.0
Basic BootWare Version: 1.31
Extend BootWare Version: 1.31
[FIXED PORTS] 22GE (Hardware)Ver.B, (Driver)1.0, (Cpld)1.0
[FIXED PORTS] 2XGE (Hardware)Ver.B, (Driver)1.0, (Cpld)1.0
[SUBSLOT 1] The SubCard is not present
[SUBSLOT 2] The SubCard is not present
Slot 1/3: RT-FIP-380 uptime is 0 week, 0 day, 0 hour, 5 minutes
Last reboot reason : Power on
CPU ID: 11
8192M bytes DDR4 SDRAM Memory
---- More ---- 8M bytes Flash Memory
128K bytes NVRAM
PCB Version: Ver.B
Basic Logic Version: 2.0
Extend Logic Version: 1.0
Basic BootWare Version: 1.31
Extend BootWare Version: 1.31
[FIXED PORTS] 22GE (Hardware)Ver.B, (Driver)1.0, (Cpld)1.0
[FIXED PORTS] 2XGE (Hardware)Ver.B, (Driver)1.0, (Cpld)1.0
[SUBSLOT 1] The SubCard is not present
[SUBSLOT 2] The SubCard is not present
Slot 2/0: RT-RSE-X3 uptime is 0 week, 0 day, 0 hour, 7 minutes
Last reboot reason : User reboot
CPU type: FREESCALE P2020 1000MHz
4096M bytes DDR3 SDRAM Memory
8M bytes Flash Memory
128K bytes NVRAM
PCB Version: Ver.B
Basic Logic Version: 3.0
Extend Logic Version: 2.0
Basic BootWare Version: 2.07
Extend BootWare Version: 2.07
---- More ---- [FIXED PORTS] Console (Hardware)Ver.B, (Driver)1.0, (Cpld)2.0
[FIXED PORTS] AUX (Hardware)Ver.B, (Driver)1.0, (Cpld)2.0
[FIXED PORTS] MGE (Hardware)Ver.B, (Driver)1.0, (Cpld)2.0
Slot 2/2: RT-FIP-380 uptime is 0 week, 0 day, 0 hour, 5 minutes
Last reboot reason : Power on
CPU ID: 11
8192M bytes DDR4 SDRAM Memory
8M bytes Flash Memory
128K bytes NVRAM
PCB Version: Ver.B
Basic Logic Version: 2.0
Extend Logic Version: 1.0
Basic BootWare Version: 1.31
Extend BootWare Version: 1.31
[FIXED PORTS] 22GE (Hardware)Ver.B, (Driver)1.0, (Cpld)1.0
[FIXED PORTS] 2XGE (Hardware)Ver.B, (Driver)1.0, (Cpld)1.0
[SUBSLOT 1] The SubCard is not present
[SUBSLOT 2] The SubCard is not present
Slot 2/3: RT-FIP-380 uptime is 0 week, 0 day, 0 hour, 5 minutes
Last reboot reason : Power on
CPU ID: 11
---- More ---- 8192M bytes DDR4 SDRAM Memory
8M bytes Flash Memory
128K bytes NVRAM
PCB Version: Ver.B
Basic Logic Version: 2.0
Extend Logic Version: 1.0
Basic BootWare Version: 1.31
Extend BootWare Version: 1.31
[FIXED PORTS] 22GE (Hardware)Ver.B, (Driver)1.0, (Cpld)1.0
[FIXED PORTS] 2XGE (Hardware)Ver.B, (Driver)1.0, (Cpld)1.0
[SUBSLOT 1] The SubCard is not present
[SUBSLOT 2] The SubCard is not present
[A2 & B2 Rack-6802Router] dis
[A2 & B2 Rack-6802Router]display devic
[A2 & B2 Rack-6802Router]display device man
Chassis 1:
Chassis self:
DEVICE_NAME:HPE HSR6802 Router Chassis JG361B
DEVICE_SERIAL_NUMBER:CN03GY3008
MAC_ADDRESS:NONE
MANUFACTURING_DATE:2020-03-14
VENDOR_NAME:HPE
Slot 0 CPU 0:
DEVICE_NAME:HPE HSR6800 RSE-X3 Router MPU JH075A
DEVICE_SERIAL_NUMBER:CN07GXY008
MAC_ADDRESS:4CAE-A386-B9E0
MANUFACTURING_DATE:2020-07-18
VENDOR_NAME:HPE
Slot 2 CPU 0:
DEVICE_NAME:HPE HSR6800 FIP-380 Flex Int Pltfrm Mod JM050A
DEVICE_SERIAL_NUMBER:CN08KXH00X
MAC_ADDRESS:4CAE-A38A-1658
MANUFACTURING_DATE:2020-08-20
VENDOR_NAME:HPE
Slot 3 CPU 0:
DEVICE_NAME:HPE HSR6800 FIP-380 Flex Int Pltfrm Mod JM050A
DEVICE_SERIAL_NUMBER:CN08KXH006
MAC_ADDRESS:4CAE-A38A-14D8
---- More ---- MANUFACTURING_DATE:2020-08-20
VENDOR_NAME:HPE
Fan 1:
DEVICE_NAME:HP HSR6802 Router Spare Fan Assembly JG367A
DEVICE_SERIAL_NUMBER:210212A03WX20300000C
MAC_ADDRESS:NONE
MANUFACTURING_DATE:2020-03-14
VENDOR_NAME:HPE
Chassis 2:
Chassis self:
DEVICE_NAME:HPE HSR6802 Router Chassis JG361B
DEVICE_SERIAL_NUMBER:CN03GY3009
MAC_ADDRESS:NONE
MANUFACTURING_DATE:2020-03-15
VENDOR_NAME:HPE
Slot 0 CPU 0:
DEVICE_NAME:HPE HSR6800 RSE-X3 Router MPU JH075A
DEVICE_SERIAL_NUMBER:CN07GXY00G
MAC_ADDRESS:4CAE-A386-B830
MANUFACTURING_DATE:2020-07-18
VENDOR_NAME:HPE
Slot 2 CPU 0:
DEVICE_NAME:HPE HSR6800 FIP-380 Flex Int Pltfrm Mod JM050A
---- More ---- DEVICE_SERIAL_NUMBER:CN08KXH01G
MAC_ADDRESS:4CAE-A38A-17C0
MANUFACTURING_DATE:2020-08-21
VENDOR_NAME:HPE
Slot 3 CPU 0:
DEVICE_NAME:HPE HSR6800 FIP-380 Flex Int Pltfrm Mod JM050A
DEVICE_SERIAL_NUMBER:CN08KXH012
MAC_ADDRESS:4CAE-A38A-1700
MANUFACTURING_DATE:2020-08-20
VENDOR_NAME:HPE
Fan 1:
DEVICE_NAME:HP HSR6802 Router Spare Fan Assembly JG367A
DEVICE_SERIAL_NUMBER:210212A03WX203000006
MAC_ADDRESS:NONE
MANUFACTURING_DATE:2020-03-15
VENDOR_NAME:HPE
[A2 & B2 Rack-6802Router]
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-05-2020 05:48 AM - edited 11-05-2020 05:52 AM
11-05-2020 05:48 AM - edited 11-05-2020 05:52 AM
SolutionHi @Muthukumar1 !
You have not set up any authentication on console, that's why everybody with console access can login with network-admin role:
line con 1/0
user-role network-admin
#
line con 2/0
user-role network-admin
You need to set there a configuration that is similar to your VTY lines:
authentication-mode scheme
user-role network-operator
P.S. Just don't save the config before you tried to login on the console port and before you confirm it behaves like it should. If any issues, just reboot the router then. But if you will save the config things will become a little bit more difficult.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-09-2020 09:42 AM
11-09-2020 09:42 AM
Re: Not able to restrict for console access
Ok, Thanks for your support and now it's working fine.
Regards
Muthukumar