
Is it possible to protect the entering into CONFIG mode by password?

mkazantsev
Level 1

Please let me know if there is a way to protect the entering into CONFIG mode by requesting the password.

Thanks.

1 Reply 1

gfullage
Cisco Employee

Only when going into enable mode. The theory is that if you're allowed into enable mode then you're allowed to change the config also.

If you want some users to be able to do some enable-mode commands, but not to be able to go into config mode specifically, you can give them an enable-level password that'll put them into, say, level 7 (instead of the default level 15), and then move certain commands down to level 7, so they'll only be able to do them.

Something like the following:

enable secret <level-15-password>

enable secret level 7 <level-7-password>

privilege exec level 7 clear line

This allows users in privilege level 7 to do "clear line..." commands but nothing else. You just give the users the level 7 enable password rather than the level 15 password. They type the following:

Router> enable 7

Password:

Router# sho priv

Current privilege level is 7

Router# clear line 2

[confirm]

[OK]

Router# config t

^

% Invalid input detected at '^' marker.

Router#
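
An added example, not part of the original reply and not Cisco tooling: a small Python check that reads a running-config excerpt, lists which commands a given privilege level can reach, and flags lines that would undo the restriction described above (a `configure` command moved below level 15, or a level protected with `enable password` instead of `enable secret`). The sample config, its hash strings and the function names are constructed for illustration.

```python
import re

# Constructed sample running-config excerpt (not from the original post).
SAMPLE_CONFIG = """\
enable secret 5 $1$EXAMPLE$constructedhash15
enable secret level 7 5 $1$EXAMPLE$constructedhash07
enable password level 5 constructed-cleartext
privilege exec level 7 clear line
privilege exec level 7 clear
privilege exec level 5 configure terminal
privilege exec level 5 configure
"""

ENABLE_RE = re.compile(r"^enable (secret|password)(?: level (\d+))? \S", re.M)
PRIV_RE = re.compile(r"^privilege (\S+) level (\d+) (.+)$", re.M)

def parse(config):
    """Return ({level: 'secret'|'password'}, {level: [(mode, command), ...]})."""
    # No "level N" on an enable line means the default level 15.
    enables = {int(lvl or 15): kind for kind, lvl in ENABLE_RE.findall(config)}
    moved = {}
    for mode, lvl, cmd in PRIV_RE.findall(config):
        moved.setdefault(int(lvl), []).append((mode, cmd.strip()))
    return enables, moved

def reachable(moved, level):
    """Commands moved to `level` or below; a user at `level` can run all of them."""
    return sorted(cmd for lvl, cmds in moved.items() if lvl <= level
                  for _, cmd in cmds)

def audit(config):
    """Flag settings that undo the restricted-level setup described above."""
    enables, moved = parse(config)
    findings = []
    for lvl, kind in sorted(enables.items()):
        if kind == "password":
            findings.append(f"level {lvl}: 'enable password' in use, prefer 'enable secret'")
    for lvl, cmds in sorted(moved.items()):
        for mode, cmd in cmds:
            if lvl < 15 and mode == "exec" and cmd.split()[0] == "configure":
                findings.append(f"level {lvl}: '{cmd}' lets this level enter config mode")
    return findings

if __name__ == "__main__":
    enables, moved = parse(SAMPLE_CONFIG)
    print("level 7 can run:", reachable(moved, 7))
    for finding in audit(SAMPLE_CONFIG):
        print("FINDING:", finding)
```
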