12-01-2017 12:09 AM - edited 03-05-2019 09:34 AM
R1(config) username ccna privilege 0 secret ccna
R1(config) username ccie privilege 15 secret ccie
line con 0
login local
After that, I logged in using ccna username and username ccna's privilege level was 15 :(
Can anyone tell me how to properly configure privilege and what I am missing? I want ccna to access only show command and ccie to all commands.
Solved! Go to Solution.
12-01-2017 04:17 AM
Hello,
remove the line below from your configuration:
enable secret 5 $1$mERr$hx5rVt7rPNoS4wqbXKX7m0
12-01-2017 12:28 AM
Hello,
add the lines below to you configuration:
aaa new-model
!
aaa authentication login default local
aaa authorization exec default local
!
username ccna privilege 0 secret ccna
username ccie privilege 15 secret ccie
12-01-2017 12:33 AM
12-01-2017 12:48 AM
Hello,
line vty 0 4
login authentication default
12-01-2017 02:15 AM - edited 12-01-2017 02:27 AM
Not working...
Current configuration : 805 bytes
!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Router
!
!
!
enable secret 5 $1$mERr$hx5rVt7rPNoS4wqbXKX7m0
!
!
!
!
!
aaa new-model
!
aaa authentication login default local
!
!
aaa authorization exec default local
!
!
!
!
!
ip cef
no ipv6 cef
!
!
!
username ccie privilege 15 secret 5 $1$mERr$RyxJPPKgNUtlrgAujv76v.
username ccna privilege 0 secret 5 $1$mERr$Bok4KDfVutXOJolNq009M/
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
ip address 1.1.1.1 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
shutdown
!
ip classless
!
ip flow-export version 9
!
!
!
!
!
!
!
line con 0
!
line aux 0
!
line vty 0 4
login authentication default
!
!
!
end
Username: ccna
Password:
Router>en
% No password set.
Router>en
Password:
Router#show pri
Current privilege level is 15
12-01-2017 04:01 AM
Hello,
odd. What are you testing this with, real devices, or simulators such as Packet Tracer or GNS3 ? What is the source of your TELNET, that is, from where are you trying to access the router ?
12-01-2017 04:09 AM
12-01-2017 04:17 AM
Hello,
remove the line below from your configuration:
enable secret 5 $1$mERr$hx5rVt7rPNoS4wqbXKX7m0
12-01-2017 06:51 AM
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: