cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
634
Views
10
Helpful
5
Replies

Configure ip source binding for lower privileges

J_Rega
Level 1
Level 1

TLDR: What is the proper privilege configure level X command to enable a lower privilege level the ability to configure ip source binding?

 

We need to grant personnel with lower privilege rights the ability to perform IP source binding. We have entered the following commands:

privilege configure level X ip

privilege configure level X ip source

privilege configure level X ip source binding

privilege configure level X ip source binding vlan

privilege configure level X ip source binding vlan interface

privilege configure level X no ip

privilege configure level X no ip source

privilege configure level X no ip source binding

privilege configure level X no ip source binding vlan

privilege configure level X no ip source binding vlan interface

 

The results of 'sh run | inc privilege configure' lists:

privilege configure level X ip source

privilege configure level X ip source binding

privilege configure level X no ip source

privilege configure level X no ip source binding

 

When we attempt to set or remove source bindings at the lower privilege level we can enter or attempt to remove up to entering the MAC address, after that we receive an % Unrecognized command error. This error is received whether we enter the entire command or if we enter the MAC address followed by a ?. 

 

We are able to view the entire ip source binding at the lower privilege level by running:

sh run | inc ip source

5 Replies 5

balaji.bandi
Hall of Fame
Hall of Fame

what device is this ? what code running ?

 

is this AAA authentication or local ?

 

what is priv X (X what number ?) - some commands need Priv 15 and allow only required command to bind that user to use that commands.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Various devices, mostly 2960 (15.2(7)E5) and 9200 (17.3.4b) series.

 

The use case for Authentication is both local and via RADIUS.

 

The number varies, greater than 1 but less than 15.

try with priv 15 for one test user and let us know what was the outcome (use local authentication)

 

Radius - what radius server ? cisco or NPAS ?

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Priv 15 works fine for both local and Radius authentications, we are able to add and remove bindings as needed.

 

NPAS for Radius.

follow