How to Configure Privilege Levels for Users on Cisco Router
As my previous post about Disabling Password Recovery on Cisco Router. Today, with this post, I'd love to show you the way to Configure Privilege Levels for Users on Cisco Router.
Commands entered into the IOS can be associated with each privilege level. You
configure the privilege level for a command using the global configuration command privilege
privilege mode level level command | reset command
The Image.1 below displays three users, Googla, Visa, and Yaha, connected to a local segment. Googla is the network engineer; he has full control over Cisco Router. Visa and Yaha are system administrators; they need only limited functionality on Cisco Router. Here is an example of the configuration that meets this requirement:
enable secret Googla
enable secret level 3 Visa
enable secret level 2 Yaha
privilege exec level 3 debug
privilege exec level 3 show running−config
privilege exec level 3 telnet
privilege exec level 2 ping
privilege exec level 2 sh int ser0
privilege exec level 2 sh ip route
line con 0
login
Figure
This configuration provides Googla with the default full administrative rights to the router. Visa is given access to all features that are allowed with administrative level 3 and can perform the commands that are listed with a privilege level of 3. Yaha is assigned a privilege level of 2 and is given access to all features and allowed to perform the commands listed with a privilege level of 2.
The key is that each user must use the enable
CiscoRouter> CiscoRouter>enable 3 Cisco
Password: VisaRouter#