Password required, but none set

I had a strange thing happen today when I upgraded a 2960G from IOS 12.2 to 15.0. After booting the upgraded IOS, I logged in, entered the enable command, and was surprised to get this error:


Password required, but none set

Everything seemed to work fine, but it was a little odd. I did discover that the following command resolves the error:

aaa authentication enable default enable

Which is also odd, because the documentation states:

If the default list is not set, only the enable password is checked. This has the same effect as the following command:

aaa authentication enable default enable

I’ll go with the explicit statement because the error message, while it may be spurious, makes me uncomfortable.


127 With One Blow!

Cisco 4400 Controller

Cisco 4400 Series Controllers

OK, it was only 86 APs, but 127 sounded better and was the number of radios. I took out 127 radios with one blow. Here’s how I did it…

I found a feature of IOS I was previously unaware of.

I was making some configuration changes on one of my core switches. In the process of this, I found an old VLAN that was no longer in use, VLAN 303. I went to delete it and decided to double check the VLAN assignments and SVI to ensure I was deleting the correct VLAN. You should always be sure you’re deleting the correct thing, right? So in the middle of typing the command to remove VLAN 303, I paused to double check. I hit ^Z, which is what I’ve always hit to exit config mode. It always exits you all the way out of config mode, so you don’t have to type exit repeatedly. So this is what I typed:

Switch(config)#no vlan 30^Z
% Applying VLAN changes may take few minutes.  Please wait...

and I kept on going not noticing the line regarding the VLAN change. Bad Network Engineer, no cookie. VLAN 30 is for our wireless controllers. Not only does Control-Z exit config mode, but it also executes whatever is on the prompt. I was previously unaware of this, so my partial command was executed and on a different VLAN than I had originally intended.

A few minutes later, I started getting alarms about the wireless system going down. I jokingly said “What did I do?” It only took a couple minutes to figure out what I’d done and discover this behavior of the ^Z key sequence. I’ve been doing this for 15 years and I’ve never noticed this behavior before. Now I wonder if I’ve ever broken anything this way in the past and not realized it…

This also started me thinking about VLAN Trunk Protocol (VTP), but that’s another post.