cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5296
Views
5
Helpful
4
Replies

Unable to use "ping ... size" in privilege level exec 1

mauricioharley
Level 1
Level 1

Dear friends,

     I'm using AAA and I typed the following commands on my router:

aaa new-model
aaa authentication login default local

privilege exec level 1 ping ip
privilege exec level 1 ping vrf
privilege exec level 1 ping

username test privilege 1 secret test

     I realized that it's impossible to use ping command with size option even with "privilege exec level 1 ping ip" as you can see above.  I need to be able to use the entire ping command like this example below:

ping vrf VRF1 ip 1.1.1.1 size 64 repeat 100

     Could you please help me ASAP?

I appreciate,

Mauricio Harley

4 Replies 4

shepherd.magumo
Level 1
Level 1

Good day,

I am encountering similiar issue, I have created a user with previlege level 5 and all I want them to do is continous ping say for 100 packets.

Router1#ping 192.168.1.112 repeat 100

                                         ^

% Invalid input detected at '^' marker.

Router#

I even tried to change the privilege to 14 and still getting that invalid input error.

Am i missing something here?

Shepherd

Guys,

I also want an answer to this question.  One "work around" I have found is enabling them for just "ping":

privilege exec level 1 ping

Then they can go through the exended ping dialog by just typing "ping" with no arguments:

ici-2921-test>ping

Protocol [ip]:

Target IP address: 192.96.174.5

Repeat count [5]: 1000

Datagram size [100]:

Timeout in seconds [2]:

Extended commands [n]:

Sweep range of sizes [n]:

Type escape sequence to abort.

Sending 1000, 100-byte ICMP Echos to 192.96.174.5, timeout is 2 seconds:

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!

Success rate is 100 percent (1000/1000), round-trip min/avg/max = 1/1/4 ms

ici-2921-test>

I would still prefer a way to allow them to type "ping xxx.xxx.xxx.xxx repeat 1000" though,

Cathal.

Hello,

Encountering the same problem with the command "ping ip source interface", I can't use the proposed workaround as I have to use the command in a script.

It seems that as soon as it's not privilege 16 ping command cannot be used with another argument than ip.

Does someone have another workaround or correction ?

Regards

fadelshaheen
Level 1
Level 1

Hi

 

simply ..... use ping* and you can make a ping from the Privilege level1 like level 15

 

Router(config)#privilege exec level 1 ping *

 

 

Router>sh pri
Current privilege level is 1
Router>

 

Router>ping 8.8.8.8 ?
  data      specify data pattern
  df-bit    enable do not fragment bit in IP header
  repeat    specify repeat count
  size      specify datagram size
  source    specify source address or name
  timeout   specify timeout interval
  validate  validate reply data
  <cr>

 

Hope its solves your problem

Regards