Access privillage to Username

Unanswered Question
May 21st, 2009
User Badges:

Hi,


Can any one guide me setting up the privillages for the username in router and switches


in router we created the username and given the privillage to 15 which was fine having full access to config


but we need one more username to see only the running config and not to modify the configuration on the router


i tried by giving the access privilage level starting from 1 to 15 like the below but nothing made different except 1 and 15


username admin privillage 15 password cisco

username admin1 privillage 7 password cisco1


can i know what are feature for level 0 15 so that i will use accordingly


thnaks in advance

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
John Blakley Thu, 05/21/2009 - 12:59
User Badges:
  • Purple, 4500 points or more

Vinoth,


You set the privileges that you want your users to have.


15 is ALL privileges, and 1 is nothing (pretty much).


You can set your privilege levels in global config:


privilege exec level 3 show running-config


username test privilege 3 pass test


The problem with this is when you do a show run under this user account, it will be blank. You'll have to give your levels appropriate access to everything you want them to see.


privilege configure level 3 access-list


The above will allow the level 3 user to see an access-list in the running config. As you can see, it can get very monotonous to configure. You may want to look into views which is much easier to configure, and much more consistent.


HTH,

John




vinoth.kumar Fri, 05/22/2009 - 00:29
User Badges:

Thanks for your reply


for viewing the access-list alone we need to configre privillage configure level 3 acccess-list


if we need to show all the config except the username and password then LINE as to be mentioned



Actions

This Discussion