https://community.cisco.com/t5/network-access-control/aaa-question/m-p/1732112#M256405 <HTML><HEAD></HEAD><BODY><P>Hi Nilesh,</P><P></P><P>if you have just one router and two users you can cerate just this two users with limited access.</P><P></P><P>conf t</P><P>username user1 privilege 1 password cisco</P><P>username user 2 privilege 5 password cisco</P><P></P><P>privilege exec level 5 show running-config</P><P></P><P>user1 can log into the device, bat cannot do anything. I really don't understand for waht reason you want him then to login to the device.</P><P></P><P>user2 can log in and execute the show running-config command</P><P></P><P>when the two user log in by telnet don't forget to add this command to your vty line</P><P></P><P>vty 0 4</P><P>login local</P><P></P><P>regards</P><P>alex</P></BODY></HTML> Thu, 04 Aug 2011 17:18:10 GMT alex.dersch 2011-08-04T17:18:10Z https://community.cisco.com/t5/network-access-control/aaa-question/m-p/1732111#M256364 <P style="margin: 0in; margin-bottom: .0001pt;"><EM>Hello Security Experts,</EM></P><P></P><P style="margin: 0in; margin-bottom: .0001pt;"><EM> </EM></P><P></P><P style="margin: 0in; margin-bottom: .0001pt;"><EM>I need your help for AAA configuration.</EM></P><P></P><P style="margin: 0in; margin-bottom: .0001pt;"><EM>I'm Planning to implement AAA security on my Router...Could you please anyone tell me how to implement &amp; what is a requirement &amp; also pls. provide me document for my reference.</EM></P><P></P><P style="margin: 0in; margin-bottom: .0001pt;"><EM> </EM></P><P></P><P style="margin: 0in; margin-bottom: .0001pt;"><EM>I have 2 users they want to give limited login access on my Cisco Router.</EM></P><P></P><P style="margin: 0in; margin-bottom: .0001pt;"><EM> </EM></P><P></P><P style="margin: 0in; margin-bottom: .0001pt;"><STRONG><EM style="text-decoration: underline; ">1st Question: -</EM></STRONG><EM> 1 users can able to login in Router but he should not enter into privilege mode &amp; not able to execute any command.</EM></P><P></P><P style="margin: 0in; margin-bottom: .0001pt;"><STRONG><EM style="text-decoration: underline; ">2nd question: -</EM></STRONG><EM> Another user can able to logging any mode but he should not able to change any running-configuration &amp; startup-configuration.</EM></P><P></P><P style="margin: 0in; margin-bottom: .0001pt;"><EM> </EM></P><P></P><P style="margin: 0in; margin-bottom: .0001pt;"><EM>Please advise me &amp; pls. provide me AAA related document becoz. In future any new requirement so I can able to do myself <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span></EM></P><P></P><P style="margin: 0in; margin-bottom: .0001pt;"><EM> </EM></P><P></P><P style="margin: 0in; margin-bottom: .0001pt;"><EM> </EM></P><P></P><P style="margin: 0in; margin-bottom: .0001pt;"><EM>HTH</EM></P><P></P><P style="margin: 0in; margin-bottom: .0001pt;"><EM>Nilesh.</EM></P> Mon, 11 Mar 2019 01:16:24 GMT https://community.cisco.com/t5/network-access-control/aaa-question/m-p/1732111#M256364 bhornilesh 2019-03-11T01:16:24Z https://community.cisco.com/t5/network-access-control/aaa-question/m-p/1732112#M256405 <HTML><HEAD></HEAD><BODY><P>Hi Nilesh,</P><P></P><P>if you have just one router and two users you can cerate just this two users with limited access.</P><P></P><P>conf t</P><P>username user1 privilege 1 password cisco</P><P>username user 2 privilege 5 password cisco</P><P></P><P>privilege exec level 5 show running-config</P><P></P><P>user1 can log into the device, bat cannot do anything. I really don't understand for waht reason you want him then to login to the device.</P><P></P><P>user2 can log in and execute the show running-config command</P><P></P><P>when the two user log in by telnet don't forget to add this command to your vty line</P><P></P><P>vty 0 4</P><P>login local</P><P></P><P>regards</P><P>alex</P></BODY></HTML> Thu, 04 Aug 2011 17:18:10 GMT https://community.cisco.com/t5/network-access-control/aaa-question/m-p/1732112#M256405 alex.dersch 2011-08-04T17:18:10Z