deny router command on priv level 15

Unanswered Question
Nov 21st, 2008
User Badges:


objective=allow particular user to have privilege level 15 access to a device except router command

- i was trying to achieve the above but cant. my observation is i cant deny any commands under the config mode. but commands like ping,show,configure which are under the exec mode could be denied easily.

thanks in advance for any help.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
smalkeric Sat, 11/29/2008 - 19:24
User Badges:
  • Silver, 250 points or more

By default, there are three command levels on the router:

• privilege level 0-Includes the disable, enable, exit, help, and logout commands

• privilege level 1-Includes all user-level commands at the router> prompt

• privilege level 15-Includes all enable-level commands at the router> prompt

You can move commands around between privilege levels with this command:

privilege exec level priv-lvl command


This Discussion