Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
268
Views
0
Helpful
1
Replies

Limiting priviledges to Local User Account..

harsha senaratna
Level 1
Level 1

‎10-16-2012 11:02 PM - edited ‎03-04-2019 05:53 PM

hi all,


I need to create a user in the cisco router and enable the following commands only.

Show Commands :
sh ip access-lists
sh arp


Privilege Commands :

enable
configure terminal
ip access-list extended test
  permit ip any any
int serial 0
  ip access-group test in


It is required to implement this without using ACS and I created a local user using the
following command.

username test pri 0 password testpass


Problem 1 : But once I logged to the router using the above username and password , that particular user
can execute any command. How can this happened ?

Problem 2 : Is there any way to limiting the commands without using the ACS ?

Problem 3 : If I cannot implement this without using the ACS , what's the best solution I can provide ?
     Can I limit the access using priviledge level (0-15) in username command ?


Thanks

Labels:
0 Helpful
1 Reply 1

cadet alain
VIP Alumni
VIP Alumni

‎10-17-2012 12:16 AM

Hi,

yes this is possible without ACS.

http://www.cisco.com/en/US/docs/ios/12_3t/12_3t7/feature/guide/gtclivws.html

Regards.

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card