04-23-2012 08:04 AM - edited 03-07-2019 06:17 AM
Hello,
I've configured this in the past where you have 2 users on a switch with different privileges:
username admin privilege 15 secret 5 $1$xhbN$3KuZkWG81
username users privilege 3 secret 5 $1$fW/K$I2fQEJRd7s5
When either account is used normally I would be put into privilege mode 15 or 3 and no need for the enable password. At the moment i go into user exec mode on each (priv 1).
My VTY lines are like this:
line con 0
exec-timeout 60 0
logging synchronous
line vty 0 4
access-class 23 in
exec-timeout 60 0
logging synchronous
transport input ssh
line vty 5 15
access-class 23 in
no exec
transport input ssh
How can I get each user to go into their respective privilege views without the need for an enable passowrd?
Thanks
Solved! Go to Solution.
04-23-2012 08:20 AM
Do you have aaa-new model enabled?
If you don't, you need to add login local under the VTY lines.
If you have aaa-new model enabled, you need to add aaa authorization exec default local
I'm assuming these devices are not pointing to a AAA server?
04-23-2012 08:20 AM
Do you have aaa-new model enabled?
If you don't, you need to add login local under the VTY lines.
If you have aaa-new model enabled, you need to add aaa authorization exec default local
I'm assuming these devices are not pointing to a AAA server?
04-23-2012 08:37 AM
Great! that worked, silly me.
04-23-2012 08:25 AM
Hi Andy ,
Do you have aaa configured ?
Dan
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide