Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Authentication with enable passwords and different privilege levels


I'm trying to authenticate the CLI Access by using enable passwords (or secret, as you prefer). I'm not trying to do that for fun, but only because I had this during my CCIE exam...

By default, on the router, I had only one enable secret. The question was : "Add a privilege 5 secret "cisco5" and configure your router in a sort that, from the password you are typing, you are entering a different privilege level".

I've tried many configurations (including : aaa authentication default enable, aaa authentication enable default enable) and I don't know how to do that without creating local users.

My problem is not to allocate commands or rights to different privilege levels but really to allocate privilege level to a user who is only using an enable secret to authenticate.

If you have any suggestions...




New Member

Re: Authentication with enable passwords and different privilege

You just specify in the enable secret line?

SW10(config)#enable secret ?

0 Specifies an UNENCRYPTED password will follow

5 Specifies an ENCRYPTED secret will follow

LINE The UNENCRYPTED (cleartext) 'enable' secret

level Set exec level password

New Member

Re: Authentication with enable passwords and different privilege


Yes you could be right (and you are...), but you should type enable 5 to access privilege level 5. And unfortunately, your advice could be a good idea if the question did not mention a direct access to level 5 privilege... From the question I had, I think that there is a way to give privilege level to users when they authenticate on vty lines with enable secret.

But how ? That is the question...

Thank you.