Revised June 4, 2008
September 26, 2002
THIS FIELD NOTICE HAS BEEN EXPIRED AND IS NO LONGER MAINTAINED OR UPDATED BY CISCO.
THIS FIELD NOTICE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE, WARRANTY OR SUPPORT. USE OF THE INFORMATION ON THIS FIELD NOTICE OR MATERIALS LINKED FROM THIS FIELD NOTICE IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS FIELD NOTICE AT ANY TIME.
Cisco SOHO 71
Cisco SOHO 76
Cisco SOHO 77
Cisco SOHO 77H
Cisco SOHO 78
Multiple usernames and passwords may appear in the router configuration when the Cisco Router Web Setup (CRWS) application is closed from the Windows close button (the X button in the top right corner) instead of by using the close link provided in CRWS. This problem can also be caused when the connection from the PC running CRWS to the router is severed.
The normal operation of CRWS is to create a telnet account (username and password) which is then used to make specified configuration changes. When CRWS is properly exited, this telnet account is closed and the username and password are deleted. If a user aborts the CRWS application by closing the window or by disconnecting the PC from the router instead of correctly closing the application, CRWS may not be able to delete this username and password and they will appear in the router configuration. Multiple occasions of stopping CRWS in this manner will result in multiple usernames and passwords in the configuration file.
Note: Randomized passwords are used each time CRWS creates a telnet account. The presence of these usernames and passwords does not pose any security risks, since each telnet account will have a unique password. These accounts will not work on other Cicso routers running CRWS.
The symptom for this issue is that usernames and passwords will appear in the configuration file. An example is:
username Srini privilege 15 password 7
username Pgiri privilege 15 password 7
This is only a cosmetic issue and it poses no security risk. The extra usernames and passwords can be safely removed at any time.
No solution is required for this issue, however, it can be easily avoided if the following items are remembered.
Always close CRWS with the close button on the left side within the application.
Do not close the window on the PC while the CRWS application is still running.
Do not disconnect the PC from the router without first closing CRWS properly.
Future releases of CRWS will attempt to minimize the occurance of this issue, but it is impossible to address all situations. It has also been noted that this issue is more likely to occur when using Netscape than it is with Internet Explorer.
The CRWS telnet usernames/passwords are removed by issuing the command no username as shown in this example.
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#no username srini
For More Information
If you require further assistance, or if you have any further questions regarding this field notice, please contact the Cisco Systems Technical Assistance Center (TAC) by one of the following methods:
Receive Email Notification For New Field Notices
Product Alert Tool - Set up a profile to receive email updates about reliability, safety, network security, and end-of-sale issues for the Cisco products you specify.