Re: Can't get read-only access to my switches via http

bdelph · ‎10-06-2005

I set up a couple of users for read-only access to our switches via their web browsers. I set this up in Network Assistant. However when we try to log in, only a level 15 user is allowed to log in and there doesn't seem to be any way change this.

I know in Network Assistant, you can choose which user level you want, but I don't see any way to do it via the web interface.

What am I missing here?

Georg Pauwen · ‎10-10-2005

Hello,

I think the privilege levels have to be set either locally on the switch (with the command 'user USERNAME privilege PRIVILEGE-LEVEL), or, if you use e.g. an ACS or other TACACS or RADIUS server, on those...

Regards,

GP

t.fiala · ‎12-08-2005

Hello, did you solve this problem already?

I have solved it a long time ago and I forgott it!

:-(

I would like to use this restriction now again.

The issue is only to write an appropriate keyword into address line, something like

http://switch/level/5

Ooo! It works!

Regards, Tomas

m.nmezi · ‎12-08-2005

Implementing security within a switching environment is less intuitive than in a router. Switches, by design, tend to recognize only two levels of administrative access - user exec mode or privileged exec mode. Implementation of security at different access levels, level 15, etc, can be tricky and should be done at the command prompt, not in the GUI.

You should reset your config and do not use Network Assistant for this purpose; it is "buggy."

desai.jaideep · ‎12-09-2005

Hi

why dont un try--

Switch(config)#username privilege level password

Switch(config)#line vty 5 15

Switch(config-line)#login local

Regards

JD