Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Previlige level in Cisco Pix

Hi,

I wanted to give access to pix firewall based on privilege level. By default it is in 15 level. Then i created a aaa database

aaa-server LOCAL Protocol local

aaa authentication telnet console local

aaa authentication enable console local

Then i created a user name like

username guest password guest privilige 9

By default there is no privilige leve set for 9. Then for testing purpose i added only the privilige to see the clock alone like

privilige show level 9 command clock

After this i logged back in using the guest account both telnet and enable but i could do all the task like a person with level 15 access. Can some advice me how to set privilige level based on users and the restrict their access to the firewall. Like guest log in can see only the version of the pix and he should not be able to go the config t and do any static or access-list.

Thanks in Advance

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: Previlige level in Cisco Pix

Here is the url which talks about exactly that.

http://www.cisco.com/warp/public/110/pix_command.shtml

Pl. visit "Understanding Privilege Settings" on that url

1 REPLY
Cisco Employee

Re: Previlige level in Cisco Pix

Here is the url which talks about exactly that.

http://www.cisco.com/warp/public/110/pix_command.shtml

Pl. visit "Understanding Privilege Settings" on that url

214
Views
0
Helpful
1
Replies
CreatePlease to create content