Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
393
Views
0
Helpful
3
Replies

aaa priv levels + commands

carl_townshend
Spotlight
Spotlight

‎03-27-2009 04:11 AM - edited ‎03-06-2019 04:51 AM

Hi all, I have been learning to use the aaa and acs server on my router, let me say, I think its very good.

2 questions is priv level 15 the only level that allows enable mode?

also has anyone got a default template that they use as standard, ie recommended practice

Labels:
0 Helpful
3 Replies 3

tom_fox_ki4qqq
Level 1
Level 1

‎03-27-2009 05:03 AM

Privilege level 15 is enable mode.

Unfortunately, I am not allowed to share the template, but I can tell you level 1 can do a show on anything (except running-config). Copy and sh run are level 2 and above for us.

In the end, it is important for you to decide how many levels are needed for your org, and who is going to use each level. Only then can you decide what commands should be at each level.

0 Helpful

carl_townshend
Spotlight
Spotlight
In response to tom_fox_ki4qqq

‎03-30-2009 02:01 AM

can anyone tell me how to do a policy on my acs that only allows show commands on the router, also what do I need to type on the router for this ?

0 Helpful

Joseph W. Doherty
Hall of Fame
Hall of Fame

‎03-30-2009 04:16 AM

". . . is priv level 15 the only level that allows enable mode? "

Don't believe so. If I recall correctly, "enable (1..15)" is supported. Enable command without an explicit priv level defaults to level 15.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card