Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

2960S http/https access with read-only

Hi,

I configured 2960S switch as http server.

I'm unable to access the switch GUI with non privilege 15 user, with privilege 15 user it's working.

Does any one know if this could be done ?

7 REPLIES
Purple

2960S http/https access with read-only

Hi,

which GUI are you using ? are you using radius or tacacs+ ?

For CNA if using  authentication server look at this:

http://www.cisco.com/en/US/docs/net_mgmt/cisco_network_assistant/version5_0/quick/guide/English/feature.html#wp1043757

Regards.

Alain

Don't forget to rate helpful posts.
Bronze

2960S http/https access with read-only

Create a new user with a level between 1 and 14 and enable that level on vty lines. It should work

username 2960 privilege 10 password 0 cisco

line vty 0 4

privilege level 10

login local

line vty 5 15

privilege level 10

login local

Hope this helps

Eugen

Community Member

2960S http/https access with read-only

Hi,

I'm still not able to acces the http interface of the switch only with privilege 15.

The switch still expects the user to be with privilege 15.

Bronze

2960S http/https access with read-only

Community Member

2960S http/https access with read-only

Hi Eugen,

This web based authentication is talking about http session that passing through the switch.

I'm talking  about accessing the switch with http.

Bronze

2960S http/https access with read-only

Hi Alex, did you try to create a user with privilege 0 or 1, that is what most literature on cisco recommends for a user exec (some say that a privilege level between 1 to 14 is read-only and 15 is read-write).

Sorry, I give you the wrong link, try this one.

http://www.cisco.com/en/US/docs/switches/lan/catalyst2960/software/release/12.2_55_se/configuration/guide/swauthen.html#wp1154063

As the link above shows you can restrict using privilege mode, or create admin roles for each user.

Regards

Eugen

Community Member

2960S http/https access with read-only

Hi,

first of all, i think Alex is talking about accessing the Switch via http (browser) and not telnet/ssh, so vty lines don't play a role.

I am currently stumbling upon this problem as well.

What works is to enter http://switch-ip/level/7/exec (Given that a user with Privilege Level 7 exists on the switch or AAA-Server).

The problem is, when you login with this method, you don't see the usual GUI, but a set of commands you could issue now.

If you find a way to get the GUI working with read-only access, please let me know.

Thanks,

Sebastian

2259
Views
0
Helpful
7
Replies
CreatePlease to create content