10-09-2012 02:33 AM - edited 03-20-2019 07:59 PM
Hi,
I'm Getting Error in router from NVRAMwhile accessing below command in privilge 4 login
CTS-SEC-CBE#sh configuration
Using 14350 out of 262144 bytes
%Error opening nvram:/startup-config (Permission denied)
The error not observed while executing the command through privilege 15 login
Regards
10-09-2012 07:04 AM
Hi Viral,
show configuration is a privilege level 15 command.
The error you are receiving Permission denied is indicating that you do not have sufficient privilege to execute the command. A privilege level 4 user has less privileges than a privilege level 15 user.
You would need to move the command to privilege level 4 by way of:
privilege exec level 4 show startup-config
Sincerely,
David.
10-15-2012 02:13 AM
Hi David,
Thank you for your reply!!
The same login credential is working in other routers
r#show configuration
Using 5004 out of 196600 bytes
!
! Last configuration change at 14:40:32 IST Mon Oct 15 2012 by xxx
! NVRAM config last updated at 14:40:34 IST Mon Oct 15 2012 by xxx
!
version 12.4
Regards,
10-15-2012 08:01 AM
But did you move the command down to privilege level 4 on the other devices?
Did you do so on this device?
It is difficult to help you without additional information.
Sincerely,
David.
10-15-2012 09:08 AM
Hi David,
Yes the same command to moved to privilege 4 on otherv devices
Please let me know additional information required.
Regards,
10-15-2012 09:25 AM
Hi Viral,
I would need the output from:
show version
show run | inc aaa
show run | inc privilege
from the affected device.
10-15-2012 09:33 AM
Hi,
Please find the same
Router#show run | inc aaa
aaa new-model
aaa authentication login default group tacacs+ local
aaa authentication enable default group tacacs+ enable
aaa authorization console
aaa authorization exec default group tacacs+ local
aaa authorization commands 1 default group tacacs+ local
aaa authorization commands 15 default group tacacs+ local
aaa accounting exec default start-stop group tacacs+
aaa accounting commands 1 default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+
aaa accounting connection default start-stop group tacacs+
aaa session-id common
====================================
Router#show run | inc privilege
privilege exec level 6 telnet
privilege exec level 4 traceroute ip
privilege exec level 4 traceroute
privilege exec level 4 ping ip
privilege exec level 4 ping
privilege exec level 4 show ip accounting
privilege exec level 4 show ip interface brief
privilege exec level 4 show ip interface
privilege exec level 4 show ip
privilege exec level 4 show clock
privilege exec level 15 show logging
privilege exec level 15 show startup-config
privilege exec level 6 show running-config
privilege exec level 4 show configuration
privilege exec level 4 show interfaces Null0 description
privilege exec level 4 show interfaces description
privilege exec level 4 show interfaces GigabitEthernet0/1/0 description
privilege exec level 4 show interfaces GigabitEthernet0/0/0 description
privilege exec level 4 show interfaces GigabitEthernet0/3 description
privilege exec level 4 show interfaces GigabitEthernet0/2 description
privilege exec level 4 show interfaces GigabitEthernet0/1 description
privilege exec level 4 show interfaces GigabitEthernet0/0 description
privilege exec level 4 show interfaces Loopback999 description
privilege exec level 4 show interfaces Loopback10 description
privilege exec level 4 show interfaces Loopback1 description
privilege exec level 4 show interfaces Loopback0 description
privilege exec level 4 show interfaces
privilege exec level 4 show
privilege exec level 15 clear ip accounting
privilege exec level 15 clear ip
privilege exec level 4 clear counters
privilege exec level 4 clear
Regards,
10-15-2012 09:34 AM
Hi,
Please find the show version
Router#sh version
Cisco IOS Software, C3900e Software (C3900e-UNIVERSALK9-M), Version 15.2(3)T, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2012 by Cisco Systems, Inc.
Compiled Fri 23-Mar-12 21:00 by prod_rel_team
ROM: System Bootstrap, Version 15.1(1r)T4, RELEASE SOFTWARE (fc1)
CTS-CBE-PRINEW uptime is 1 week, 1 day, 13 hours, 41 minutes
System returned to ROM by power-on
System restarted at 08:19:26 IST Sun Oct 7 2012
System image file is "flash0:c3900e-universalk9-mz.SPA.152-3.T.bin"
Last reload type: Normal Reload
Last reload reason: power-on
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
export@cisco.com.
Cisco CISCO3945-CHASSIS (revision 1.0) with C3900-SPE250/K9 with 740352K/308224K bytes of memory.
Processor board ID FGL1636129B
6 Gigabit Ethernet interfaces
DRAM configuration is 72 bits wide with parity enabled.
256K bytes of non-volatile configuration memory.
250880K bytes of ATA System CompactFlash 0 (Read/Write)
License Info:
License UDI:
-------------------------------------------------
Device# PID SN
-------------------------------------------------
*0 C3900-SPE250/K9 FOC16344GDA
Technology Package License Information for Module:'c3900e'
-----------------------------------------------------------------
Technology Technology-package Technology-package
Current Type Next reboot
------------------------------------------------------------------
ipbase ipbasek9 Permanent ipbasek9
security None None None
uc None None None
data datak9 Permanent datak9
Configuration register is 0x2102
10-22-2012 04:59 PM
This is odd:
privilege exec level 15 show startup-config
privilege exec level 6 show running-config
privilege exec level 4 show configuration
"Show configuration" is a synonym for "show startup-config". Why do you have the commands at different privilege levels?
I think if you set the "show start-config" command to level 4, it should all work fine. This is a conflicting configuration. This is probably why the command starts to execute but find the saved config file stored at a higher priviliege level.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: