04-10-2003 05:56 AM - edited 03-10-2019 07:14 AM
Hi,
I wanted to give access to pix firewall based on privilege level. By default it is in 15 level. Then i created a aaa database
aaa-server LOCAL Protocol local
aaa authentication telnet console local
aaa authentication enable console local
Then i created a user name like
username guest password guest privilige 9
By default there is no privilige leve set for 9. Then for testing purpose i added only the privilige to see the clock alone like
privilige show level 9 command clock
After this i logged back in using the guest account both telnet and enable but i could do all the task like a person with level 15 access. Can some advice me how to set privilige level based on users and the restrict their access to the firewall. Like guest log in can see only the version of the pix and he should not be able to go the config t and do any static or access-list.
Thanks in Advance
Solved! Go to Solution.
04-10-2003 07:38 PM
Here is the url which talks about exactly that.
http://www.cisco.com/warp/public/110/pix_command.shtml
Pl. visit "Understanding Privilege Settings" on that url
04-10-2003 07:38 PM
Here is the url which talks about exactly that.
http://www.cisco.com/warp/public/110/pix_command.shtml
Pl. visit "Understanding Privilege Settings" on that url
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: