Popular Posts

Monday, 25 January 2010

How to Configure Privilege Levels for Users on Cisco Router

This blog is created for network security review, study and understanding about network related issues only! The blog is mainly focus on Network Security Notes about Network, Network Security, Network Technology, Network Labs review related Cisco and Microsoft technology ,Network Threats, Types of Network Threats, Network Alerts, Enterprise Security Policy and Audits, Security Policy and Audits,Logical Security, Physical and Logical Security, Physical Security,Cisco Products Review, Microsoft Products review, Cisco Routers, Routers Security, Console Access, Telnet Access, Network Attack, Network Attack report, Network management, Anti-virus, Network Security with Anti-virus, and All About Network Security... Thanks for your visit!

As my previous post about Disabling Password Recovery on Cisco Router. Today, with this post, I'd love to show you the way to Configure Privilege Levels for Users on Cisco Router.

Commands entered into the IOS can be associated with each privilege level. You
configure the privilege level for a command using the global configuration command privilege
level . The exact syntax of this command is as follows:

privilege mode level level command | reset command

The Image.1 below displays three users, Googla, Visa, and Yaha, connected to a local segment. Googla is the network engineer; he has full control over Cisco Router. Visa and Yaha are system administrators; they need only limited functionality on Cisco Router. Here is an example of the configuration that meets this requirement:

enable secret Googla
enable secret level 3 Visa
enable secret level 2 Yaha
privilege exec level 3 debug
privilege exec level 3 show running−config
privilege exec level 3 telnet
privilege exec level 2 ping
privilege exec level 2 sh int ser0
privilege exec level 2 sh ip route
line con 0
login
Figure
Image.1: Using privilege levels to create administrative levels.

This configuration provides Googla with the default full administrative rights to the router. Visa is given access to all features that are allowed with administrative level 3 and can perform the commands that are listed with a privilege level of 3. Yaha is assigned a privilege level of 2 and is given access to all features and allowed to perform the commands listed with a privilege level of 2.

The key is that each user must use the enable command from the user mode prompt and log in with the password assigned for that level. An example is provided here:

CiscoRouter>
CiscoRouter>enable 3
Password: Visa
CiscoRouter#



Read more...

If you like this post, please subscribe below,thanks!

Enter your email address:

Delivered by FeedBurner

To Stay Up to date with Network Security, Please Subscribe!