Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
319
Views
0
Helpful
1
Replies

Allow some commands and restrict other commands for the User

netsol
Level 1
Level 1

‎06-10-2002 02:57 AM - edited ‎03-08-2019 10:54 PM

Hi to all,

I dont have ACS and any firewalls.Anywhere from the intranet can access all the commands in the router.I Configured the AAA using local database and created only 2 usernames.I want the other user shoult use only few commands in the user & privilaged levels.I can't use the privilage level for a user.How can i authorize the user to use the perticular 3 commands.

Also i want to configure the accounting in which i need to track the commands used by the user.Any one suggest me how to do it in a normal IOS12.2 version.

Thanks

Raj

Labels:
0 Helpful
1 Reply 1

yusuff
Cisco Employee
Cisco Employee

‎06-15-2002 03:00 AM

Raj,

Below are URLs which will walk you through example of configuring local AAA router authorization and accounting.

Note that you can not do accounting for command(s) on a local router, you need a AAA server for that, although you can use accounting for exec sessions locally.

Implementing Local Router Authorization

-------------------------------------------------------

http://www.cisco.com/univercd/cc/td/doc/cisintwk/intsolns/secsols/aaasols/c262c2.htm#xtocid160214

Implementing Local Router Accounting

-------------------------------------------------------

http://www.cisco.com/univercd/cc/td/doc/cisintwk/intsolns/secsols/aaasols/c262c2.htm#xtocid160215

Hope that helps.

R/Yusuf

0 Helpful
Customers Also Viewed These Support Documents