12-17-2008 01:27 PM
Hi guys,
I need to permit some user have to access read only to all configuration of router, show running-config. In this moment I wasn't able to permit this.
How do I do this?
Thnaks
12-17-2008 02:58 PM
Hi read your post a as Rick said previledge level setting will not resolve all of your concern. I do know if you have Cisco Works you can setup a user account for this person that will allow him to view the config files but no changes can be made, the server will restrict authorization of the user. otherwise coping the config into notepad or wordpad is your best option if the user doesn't need to make any changes. HTH
12-17-2008 03:47 PM
Nice! Thanks for your help!
Can be done in ACS?
If yes, how can I do to restrict this?
12-17-2008 07:29 PM
Setting different privilege levels is partly determined by what kind of authentication you use. you can either use local authentication or use AAA with TACACS+ and RADIUS. The Cisco Documentation has more info for you.
An example of the commands you would use locally are:
Router(config)# privilege mode level level command-string
Router(config)# enable secret level level {0 |5} password-string
Some of the guidelines from Cisco are here:
Privilege Command Enhancement: http://www.cisco.com/en/US/docs/ios/12_2t/12_2t13/feature/guide/ftprienh.html
Configuring Passwords and Privileges: http://www.cisco.com/en/US/docs/ios/12_2/security/configuration/guide/scfpass.html
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide