cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Join Customer Connection to register!
62856
Views
110
Helpful
10
Replies
kaushal13
Beginner

Login to directly into "privilege mode"

Hi All,

I have created users and given them telnet access to router 7200.

They have full privilges(15) but everytime they login they login into user-exec mode instead of privilege mode.

Is there a way to skip user-exec mode and allow the users to login directly into privilge mode so they dont have to enter password twice?

Thanks!!

1 ACCEPTED SOLUTION

Accepted Solutions
david.tran
Enthusiast

line vty 0 15

privilege level 15

that will do it

View solution in original post

10 REPLIES 10
david.tran
Enthusiast

line vty 0 15

privilege level 15

that will do it

View solution in original post

what if I need it to work like this (straight to priv. mode) just for one user?

can it be done on an ASA ?

The solution suggested in this thread of specifying privilege-level 15 on the vty will work for IOS devices and will not work on ASA. Also this solution would give ALL users access to privilege mode and not just for one user.

 

HTH

 

Rick

HTH

Rick

OK , then I have new question. How do I get a specific user straight to privilege mode on an Cisco ASA.

p.s. maybe I should open new thread ?

Opening a new thread might be a good idea - though at this point we have gone far enough (and I am not sure how much further this discussion will go) that we might as well just continue this thread.

 

While IOS devices have mechanisms that will allow you to configure that a user goes directly into privilege mode I do not believe that this works on the ASA - at least for the command line. If you login to ASDM to manage the ASA you will go directly to privilege mode. But for command line (SSH, telnet, etc) you will go to user mode and be required to enter another password for privilege mode. I do not know a way to get around that for ASA command line.

 

HTH

 

Rick

HTH

Rick

Hello

Suppose suggesting basic AAA

username test privilege 15 secret  xxxxx.
aaa new-model
aaa authentication login default group tacacs+ local 
aaa authorization exec default group tacacs+ local


res

Paul



kind regards
Paul

Please rate and mark posts accordingly if you have found any of the information provided useful.
It will hopefully assist others with similar issues in the future

@paul

Love your idea, it shows you actually try not just repeat answers from others but please test it on ASA and not router.

p.s. how do I make it work for just one user ?

Hello

the same applys  to an generic user account or a specific user account 

 

Res

paul



kind regards
Paul

Please rate and mark posts accordingly if you have found any of the information provided useful.
It will hopefully assist others with similar issues in the future

On the ASA You can try the command below if local user. If using TACACS, replace LOCAL with TACACS

"aaa authorization exec LOCAL auto-enable"

kaushal13
Beginner

Thanks. It worked