Solved: Login to directly into "privilege mode"

kaushal13 · ‎12-18-2012

Hi All,

I have created users and given them telnet access to router 7200.

They have full privilges(15) but everytime they login they login into user-exec mode instead of privilege mode.

Is there a way to skip user-exec mode and allow the users to login directly into privilge mode so they dont have to enter password twice?

Thanks!!

david.tran · ‎12-18-2012

line vty 0 15

privilege level 15

that will do it

View solution in original post

david.tran · ‎12-18-2012

line vty 0 15

privilege level 15

that will do it

Silviu Lavric · ‎01-12-2015

what if I need it to work like this

(straight to priv. mode)

just for one user?

can it be done on an ASA ?

Richard Burts · ‎01-12-2015

The solution suggested in this thread of specifying

privilege-level 15

on the vty will work for IOS devices and will not work on ASA. Also this solution would give ALL users access to privilege mode and not just for one user.

HTH

Rick

HTH

Rick

Silviu Lavric · ‎01-12-2015

OK , then I have new question. How do I get a specific user straight to privilege mode on an Cisco ASA.

p.s. maybe I should open new thread ?

Richard Burts · ‎01-13-2015

Opening a new thread might be a good idea - though at this point we have gone far enough (and I am not sure how much further this discussion will go) that we might as well just continue this thread.

While IOS devices have mechanisms that will allow you to configure that a user goes directly into privilege mode I do not believe that this works on the

ASA - at least

for the command line. If you login to ASDM to manage the

ASA

you will go directly to privilege mode. But for command line

(SSH, telnet, etc)

you will go to user mode and be required to enter another password for privilege mode. I do not know a way to get around that for

ASA

command line.

HTH

Rick

HTH

Rick

paul driver · ‎01-13-2015

Hello

Suppose suggesting basic AAA

username test privilege 15 secret  xxxxx.
aaa new-model
aaa authentication login default group tacacs+ local 
aaa authorization exec default group tacacs+ local


res

Paul

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Silviu Lavric · ‎01-14-2015

@paul

Love your idea, it shows you actually try not just repeat answers from others but please test it on ASA and not router.

p.s. how do I make it work for just one user ?

paul driver · ‎01-14-2015

Hello

the same applys to an generic user account or a specific user account

Res

paul

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Andre Neethling · ‎01-15-2015

On the ASA You can try the command below if local user. If using TACACS, replace LOCAL with TACACS

aaa authorization exec LOCAL auto-enable

kaushal13 · ‎12-18-2012

Thanks. It worked

Login to directly into "privilege mode"

Login to directly into "privilege mode" for a specific user

Re: Cisco Catalyst switch in ROMMON mode ("switch:" prompt)

Cisco Nexus 9000 "feature privilege"

The privilege mode (enable mode) authentication on the TACACS+ server fails on the router and the "%...

[Intersight] "Login credentials are incorrect" による vCenter 接続断時の対処について