05-05-2011 07:55 AM - edited 03-10-2019 06:03 PM
Dear friends,
I'm using AAA and I typed the following commands on my router:
aaa new-model
aaa authentication login default local
privilege exec level 1 ping ip
privilege exec level 1 ping vrf
privilege exec level 1 ping
username test privilege 1 secret test
I realized that it's impossible to use ping command with size option even with "privilege exec level 1 ping ip" as you can see above. I need to be able to use the entire ping command like this example below:
ping vrf VRF1 ip 1.1.1.1 size 64 repeat 100
Could you please help me ASAP?
I appreciate,
Mauricio Harley
07-12-2012 03:51 AM
Good day,
I am encountering similiar issue, I have created a user with previlege level 5 and all I want them to do is continous ping say for 100 packets.
Router1#ping 192.168.1.112 repeat 100
^
% Invalid input detected at '^' marker.
Router#
I even tried to change the privilege to 14 and still getting that invalid input error.
Am i missing something here?
Shepherd
08-13-2012 07:02 AM
Guys,
I also want an answer to this question. One "work around" I have found is enabling them for just "ping":
privilege exec level 1 ping
Then they can go through the exended ping dialog by just typing "ping" with no arguments:
ici-2921-test>ping
Protocol [ip]:
Target IP address: 192.96.174.5
Repeat count [5]: 1000
Datagram size [100]:
Timeout in seconds [2]:
Extended commands [n]:
Sweep range of sizes [n]:
Type escape sequence to abort.
Sending 1000, 100-byte ICMP Echos to 192.96.174.5, timeout is 2 seconds:
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!
Success rate is 100 percent (1000/1000), round-trip min/avg/max = 1/1/4 ms
ici-2921-test>
I would still prefer a way to allow them to type "ping xxx.xxx.xxx.xxx repeat 1000" though,
Cathal.
10-17-2012 09:31 AM
Hello,
Encountering the same problem with the command "ping ip source interface", I can't use the proposed workaround as I have to use the command in a script.
It seems that as soon as it's not privilege 16 ping command cannot be used with another argument than ip.
Does someone have another workaround or correction ?
Regards
09-20-2014 01:27 PM
Hi
simply ..... use ping* and you can make a ping from the Privilege level1 like level 15
Router(config)#privilege exec level 1 ping *
Router>sh pri
Current privilege level is 1
Router>
Router>ping 8.8.8.8 ?
data specify data pattern
df-bit enable do not fragment bit in IP header
repeat specify repeat count
size specify datagram size
source specify source address or name
timeout specify timeout interval
validate validate reply data
<cr>
Hope its solves your problem
Regards
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide