12-17-2008 01:27 PM
Hi guys,
I need to permit some user have to access read only to all configuration of router, show running-config. In this moment I wasn't able to permit this.
How do I do this?
Thnaks
12-17-2008 02:58 PM
Hi read your post a as Rick said previledge level setting will not resolve all of your concern. I do know if you have Cisco Works you can setup a user account for this person that will allow him to view the config files but no changes can be made, the server will restrict authorization of the user. otherwise coping the config into notepad or wordpad is your best option if the user doesn't need to make any changes. HTH
12-17-2008 03:47 PM
Nice! Thanks for your help!
Can be done in ACS?
If yes, how can I do to restrict this?
12-17-2008 07:29 PM
Setting different privilege levels is partly determined by what kind of authentication you use. you can either use local authentication or use AAA with TACACS+ and RADIUS. The Cisco Documentation has more info for you.
An example of the commands you would use locally are:
Router(config)# privilege mode level level command-string
Router(config)# enable secret level level {0 |5} password-string
Some of the guidelines from Cisco are here:
Privilege Command Enhancement: http://www.cisco.com/en/US/docs/ios/12_2t/12_2t13/feature/guide/ftprienh.html
Configuring Passwords and Privileges: http://www.cisco.com/en/US/docs/ios/12_2/security/configuration/guide/scfpass.html
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: