Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Privilege Levels

I was looking for a guide explaining which command is allowed at each privilege level, for default: for example, what is allowed at privilege level 10?

Does anybody can tell me if a such document exist? If not, which level is required for debugging?

Thank you

  • Network Management
1 ACCEPTED SOLUTION

Accepted Solutions

Re: Privilege Levels

Hi there,

By default, the Cisco IOS software command-line interface (CLI) has two levels of access to commands: user EXEC mode (level 1) and privileged EXEC mode (level 15). However, you can configure additional levels of access to commands, called privilege levels, to meet the needs of your users while protecting the system from unauthorized access. Up to 16 privilege levels can be configured, from level 0, which is the most restricted level, to level 15, which is the least restricted level.

Accordingly level 10 is a custom level, you have to define allowed commands for that level either via the privilege command or via the TACACS+ server. And accordingly debug is available by default for level 15, and you can add it to any customer privilege level.

http://www.cisco.com/en/US/products/ps6350/products_configuration_guide_chapter09186a00803f3bb7.html

http://www.cisco.com/en/US/products/sw/iosswrel/ps1839/products_feature_guide09186a0080112495.html

HTH, please rate if it does,

Mohammed Mahmoud.

1 REPLY

Re: Privilege Levels

Hi there,

By default, the Cisco IOS software command-line interface (CLI) has two levels of access to commands: user EXEC mode (level 1) and privileged EXEC mode (level 15). However, you can configure additional levels of access to commands, called privilege levels, to meet the needs of your users while protecting the system from unauthorized access. Up to 16 privilege levels can be configured, from level 0, which is the most restricted level, to level 15, which is the least restricted level.

Accordingly level 10 is a custom level, you have to define allowed commands for that level either via the privilege command or via the TACACS+ server. And accordingly debug is available by default for level 15, and you can add it to any customer privilege level.

http://www.cisco.com/en/US/products/ps6350/products_configuration_guide_chapter09186a00803f3bb7.html

http://www.cisco.com/en/US/products/sw/iosswrel/ps1839/products_feature_guide09186a0080112495.html

HTH, please rate if it does,

Mohammed Mahmoud.

805
Views
0
Helpful
1
Replies