cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1306
Views
5
Helpful
8
Replies
Iluvnetwork
Beginner

Cisco Privilege Question :)

R1(config) username ccna privilege 0 secret ccna

R1(config) username ccie privilege 15 secret ccie

line con 0

login local

 

After that, I logged in using ccna username and username ccna's privilege level was 15 :(

Can anyone tell me how to properly configure privilege and what I am missing? I want ccna to access only show command and ccie to all commands.  

1 ACCEPTED SOLUTION

Accepted Solutions

Hello,

 

remove the line below from your configuration:

 

enable secret 5 $1$mERr$hx5rVt7rPNoS4wqbXKX7m0

View solution in original post

8 REPLIES 8
Georg Pauwen
VIP Master

Hello,

 

add the lines below to you configuration:

 

aaa new-model
!
aaa authentication login default local
aaa authorization exec default local
!
username ccna privilege 0 secret ccna
username ccie privilege 15 secret ccie

Still ccna has 15 privilege level...

Hello,

 

line vty 0 4

login authentication default

 

Not working...

 

Current configuration : 805 bytes

!

version 12.2

no service timestamps log datetime msec

no service timestamps debug datetime msec

no service password-encryption

!

hostname Router

!

!

!

enable secret 5 $1$mERr$hx5rVt7rPNoS4wqbXKX7m0

!

!

!

!

!

aaa new-model

!

aaa authentication login default local

!

!

aaa authorization exec default local

!

!

!

!

!

ip cef

no ipv6 cef

!

!

!

username ccie privilege 15 secret 5 $1$mERr$RyxJPPKgNUtlrgAujv76v.

username ccna privilege 0 secret 5 $1$mERr$Bok4KDfVutXOJolNq009M/

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

interface FastEthernet0/0

ip address 1.1.1.1 255.255.255.0

duplex auto

speed auto

!

interface FastEthernet0/1

no ip address

duplex auto

speed auto

shutdown

!

ip classless

!

ip flow-export version 9

!

!

!

!

!

!

!

line con 0

!

line aux 0

!

line vty 0 4

login authentication default

!

!

!

end

 

 

Username: ccna

 

Password:

Router>en

% No password set.

Router>en

Password:

Router#show pri

Current privilege level is 15

Hello,

 

odd. What are you testing this with, real devices, or simulators such as Packet Tracer or GNS3 ? What is the source of your TELNET, that is, from where are you trying to access the router ?

I used both Packet Tracer 7.1 and GNS3. Router 1 --- Router 2. I am teleting to 1.1.1.2 from 1.1.1.1

Hello,

 

remove the line below from your configuration:

 

enable secret 5 $1$mERr$hx5rVt7rPNoS4wqbXKX7m0

Thank you :) Finally Working!