Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
659
Views
4
Helpful
7
Replies

Cisco 9200L Privilege level stops working

MichelWilfred
Level 1
Level 1

‎10-25-2023 12:11 PM

Hi,

I have a few switches here that I configured a separate account with privilege level 7 to allow another user to only change the vlan of interfaces and save the configurations. This works fine for a few days but then they are unable to type switchport access, it shows invalid input detected for "access". I have to add "privilege interface level 7 switchport access vlan" again and it will work for a few days. Here's the commands I entered to set this up:

username _____ privilege 7 secret ______

privilege exec level 7 conf t
privilege exec level 7 copy run start
privilege configure level 7 interface
privilege interface level 7 switchport access vlan
privilege interface level 7 description
privilege exec level 7 copy run start
file privilege 7

Labels:
0 Helpful
7 Replies 7

ahollifield
VIP
VIP

‎10-25-2023 12:38 PM

Is something else overriding the configuration?  Do the privilege level configurations still show in show run?  Also a AAA server like ISE would be much better for controlling things like this. 

MichelWilfred
Level 1
Level 1
In response to ahollifield

‎10-25-2023 12:54 PM

There shouldn't be anything else overriding it and the configurations still show up in the show run. We did it directly on these switches since we only needed to do this for 1 user.

0 Helpful

ahollifield
VIP
VIP
In response to MichelWilfred

‎10-25-2023 12:56 PM

It's very strange it stops working after a couple of days.  What version of IOS-XE?  Right but what happens when user 2 comes along?  Its also much easier/better to define users/groups/policies on centralized AAA server.

0 Helpful

MichelWilfred
Level 1
Level 1
In response to ahollifield

‎10-26-2023 06:12 AM

It is on 16.12.03a

0 Helpful

ahollifield
VIP
VIP
In response to MichelWilfred

‎11-02-2023 04:02 AM

I would really suggest trying a newer code 17.9 is now a gold-star option.

MichelWilfred
Level 1
Level 1
In response to ahollifield

‎11-02-2023 07:11 AM

We are planning on doing that upgrade, will update the post if that solves the issue. Thank you

MHM Cisco World
VIP
VIP

‎11-05-2023 06:33 AM

switchport mode access <<- this make port access and assign to vlan 1 by default 
or 
switchport access vlan x <<- if you dont specify vlan then it by default use vlan 1 

so I think it not privilege issue it port Access/Trunk mode issue 

Thanks A Lot
MHM

Customers Also Viewed These Support Documents