Local Command Authorization Prerequisites; Default Command Privilege Levels; Assigning Privilege Levels To Commands And Enabling Authorization - Cisco Catalyst 6500 Series Configuration Manual
Catalyst 6500 series switch and
cisco 7600 series router firewall services
Hide thumbs
Also See for Catalyst 6500 Series:
- Software configuration manual (570 pages) ,
- Configuration note (212 pages) ,
- Installation manual (194 pages)
Table of Contents
Advertisement
Chapter 12
Configuring AAA
Local Command Authorization Prerequisites
Complete the following tasks as part of your command authorization configuration:
•
•
Default Command Privilege Levels
By default, the following commands are assigned to privilege level 0. All other commands are at
level 15.
•
•
•
•
•
•
•
•
•
•
•
•
If you move any configure mode commands to a lower level than 15, be sure to move the configure
command to that level as well, otherwise, the user will not be able to enter configuration mode.
To view all privilege levels, see the
Assigning Privilege Levels to Commands and Enabling Authorization
To assign a command to a new privilege level, and enable authorization, follow these steps:
To assign a command to a privilege level, enter the following command:
Step 1
FWSM/contexta(config)# privilege [show | clear | configure] level level
[mode {enable | configure}] command command
Repeat this command for each command you want to reassign.
See the following information about the options in this command:
OL-6392-01
Configure enable authentication. (See the
section on page
12-8.)
Alternatively, you can use the login command (which is the same as the enable command with
authentication), which requires no configuration. We do not recommend this option because it is not
as secure as enable authentication.
You can also use CLI authentication (see the
on page
12-8), but it is not required.
Configure each user in the local database at a privilege level from 0 to 15. (See the
Local Database" section on page
show checksum
show curpriv
enable (enable mode)
help
show history
login
logout
pager
show pager
clear pager
quit
show version
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide
"Configuring Authentication to Access Privileged Mode"
"Configuring Authentication for CLI Access" section
12-6.)
"Viewing Command Privilege Levels" section on page
Configuring Command Authorization
"Configuring the
12-13.
12-11
Advertisement
Table of Contents
Troubleshooting
