cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
843
Views
4
Helpful
2
Replies

Local username and privilege on PIX

eir-dialint
Level 1
Level 1

Hi.

I am trying to configure a username to allow some users to telnet to a PIX from the inside and execute 3 commands only

show crypto

show access-list

show run

I have used these commands

aaa-server LOCAL protocol local

telnet 1.1.1.1 255.255.255.255 inside

privilege show level 2 command run

privilege show level 2 command crypto

privilege show level 2 command running-config

username russell password PASSWORD privilege 2

When I do this and test. I get privelege level 2 when I login but I can run any command. PLease see below. Am i missing something obvious?

Rgds,

Russell.

Username: russell

Password: ********

Type help or '?' for a list of available commands.

PIX> login

Username: russell

Password: ********

PIX# sh curpriv

Username : russell

Current privilege level : 2

Current Mode/s : P_PRIV

2 Replies 2

talisman1310
Level 1
Level 1

Try adding the below command and check

aaa authorization command LOCAL

That worked a treat,

Thanks,

Russell.

Review Cisco Networking for a $25 gift card