Saturday, May 31, 2014

Cisco IOS-XE one time passwords

Cisco has a feature that lets you create a user and password, then walk away and forget about it. It's called a one-time password and is simple to deploy.

Here's a dialup user that I will allow access into our vpn-concentrator. He/she has a one-time user account, and after the first successful login the account will be exterminated and deleted.

The configuration:



And here we make one login attempt and then exit. The second login attempt will not be honored.



NOTE: Keep in mind that the username will stay in the cfg until that person actually logs on to the router.

If the device is rebooted before the configuration is saved, the username will reappear.
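The two caveats in the note can be checked by comparing saved copies of the startup and running configurations. The script below is an added example, not part of the original post: it assumes the `one-time` keyword appears on the `username` line in the config output, the function names are hypothetical, and both sample configs are constructed.

```python
import re

# Assumption: one-time accounts appear as "username <name> ... one-time ..."
# in the config text. The keyword position is matched loosely because other
# options (e.g. privilege) may come before it.
ONE_TIME = re.compile(r"^username\s+(\S+)\s+(?:.*\s)?one-time(?:\s|$)")

def one_time_users(config_text):
    """Return the set of usernames flagged one-time in a config dump."""
    users = set()
    for line in config_text.splitlines():
        match = ONE_TIME.match(line.strip())
        if match:
            users.add(match.group(1))
    return users

def audit(startup_cfg, running_cfg):
    """Compare startup and running configs for one-time accounts."""
    startup = one_time_users(startup_cfg)
    running = one_time_users(running_cfg)
    return {
        # Still in the running config: nobody has logged in with it yet.
        "unused": sorted(running),
        # Gone from running (already used) but still in startup: the account
        # comes back if the device reloads before the config is saved.
        "reappear_on_reload": sorted(startup - running),
    }

# Constructed sample configs (not from a real device).
STARTUP = """\
hostname vpn-concentrator
username admin privilege 15 secret 5 CONSTRUCTED-HASH-A
username dialup1 one-time secret 5 CONSTRUCTED-HASH-B
username dialup2 privilege 1 one-time secret 5 CONSTRUCTED-HASH-C
"""

RUNNING = """\
hostname vpn-concentrator
username admin privilege 15 secret 5 CONSTRUCTED-HASH-A
username dialup2 privilege 1 one-time secret 5 CONSTRUCTED-HASH-C
"""

if __name__ == "__main__":
    for finding, names in audit(STARTUP, RUNNING).items():
        print(f"{finding}: {', '.join(names) or 'none'}")
```

Any name reported under `reappear_on_reload` means the running configuration should be saved so the used account does not return after a reboot.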



Ken Felix
Network & Security Engineer
kfelix  ----a---t---socpuppets ---d---o---t---com

     ^      ^
=(   -   - )=
         o
      /     \
