Tuesday, December 7, 2010

Security Command : save-password


To save your extended authentication (Xauth) password locally on your PC, use the save-password command in Internet Security Association Key Management Protocol (ISAKMP) group configuration mode. To disable the Save-Password attribute, use the no form of this command.
save-password
no save-password

Syntax Description

This command has no arguments or keywords.

Defaults

Your Xauth password is not saved locally on your PC, and the Save-Password attribute is not added to the server group profile.

Command Modes

ISAKMP group configuration 

Usage Guidelines

Save password control allows you to save your Xauth password locally on your PC so that after you have initially entered the password, the Save-Password attribute is pushed from the server to the client. On subsequent authentications, you can activate the password by using the tick box on the software client or by adding the username and password to the Cisco IOS hardware client profile. The password setting remains until the Save-Password attribute is removed from the server group profile. After the password has been activated, the username and password are sent automatically to the server during Xauth without your intervention.
The save-password option is useful only if your password is static, that is, if it is not a one-time password such as one that is generated by a token.
The Save-Password attribute is configured on a Cisco IOS router or in the RADIUS profile.
To configure save password control, use the save-password command.
An example of an attribute-value (AV) pair for the Save-Password attribute is as follows: 
ipsec:save-password=1
You must enable the crypto isakmp client configuration group command, which specifies group policy information that has to be defined or changed, before enabling the save-password command.  

Examples

The following example shows that the Save-Password attribute has been configured: 
crypto isakmp client configuration group cisco

 save-password 
 
Some useful commands -
 
Commands                          Description 
 
acl                           Configures split tunneling. 
 
crypto isakmp client 
configuration group           Specifies the DNS domain to which a group belongs.

  
  


















Posted by
ajay gupta


at
1:37 PM





















Labels:














No comments:











Post a Comment







        

      









Subscribe to:
Post Comments (Atom)