06-02-2007 08:37 PM - edited 03-03-2019 05:16 PM
Hi,
I config three levels for remote access. all show command is on level 2 (privilege 5). However, it only how 6 line of running-config. any missing of the commands?
----
privilege exec level 1 traceroute
privilege exec level 1 show running-config
----
--- output if sh run ---
tw72xx>sh run
Building configuration...
Current configuration : 13 bytes
!
!
!
!
end
----
thanks
best regards
06-02-2007 08:42 PM
Hi,
only on privilege level 15, you can view the running configuration.
06-02-2007 08:50 PM
Hi,
does it mean that whatever we do, the "sh run" is still in level 15?
best regards
06-02-2007 09:27 PM
YES ur right, bcoz privilege level 15 is the admin privileges, other levels are not entitled to see the configuration as it is not safe.
06-02-2007 10:56 PM
Hi,
When access to the router is configured by privilege levels, a common issue is that the show running is configured at or below the user's privilege level. When the user executes the command, the configuration appears to be blank. This is actually by design due to that this command displays all of the commands that the current user is able to modify (in other words, all the commands at or below the user's current privilege level). The command should not display commands above the user's current privilege level because of security considerations. If so, commands such as snmp-server community could be used to modify the current configuration of the router and gain complete access to the router.
For example, if a certain privilege level is given the privilege to configure under the interface, and do show run, when a user do show run with this level, he will get only the interface configurations:
privilege configure all level 5 interface
privilege exec all level 5 show running-config
Router#sh run
Building configuration...
Current configuration : 1055 bytes
!
boot-start-marker
boot-end-marker
!
!
!
!
!
interface Loopback0
ip address 10.10.10.2 255.255.255.255
!
interface Serial1/1
no ip address
shutdown
!
end
I hope that i've been informative.
HTH, please do rate all helpful replies,
Mohammed Mahmoud.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide