How To Control Switch Access With Passwords And Privilege Levels - Cisco Catalyst 2960 series Configuration Manual
Consolidated platform configuration guide, ios release 15.2(4)e
Hide thumbs
Also See for Catalyst 2960 series:
- Software configuration manual (980 pages) ,
- Command reference manual (800 pages) ,
- Configuration manual (120 pages)
Table of Contents
Advertisement
How to Control Switch Access with Passwords and Privilege Levels
security: user EXEC (Level 1) and privileged EXEC (Level 15). You can configure up to 16 hierarchical
levels of commands for each mode. By configuring multiple passwords, you can allow different sets of users
to have access to specified commands.
Privilege Levels on Lines
Users can override the privilege level you set using the privilege level line configuration command by logging
in to the line and enabling a different privilege level. They can lower the privilege level by using the disable
command. If users know the password to a higher privilege level, they can use that password to enable the
higher privilege level. You might specify a high level or privilege level for your console line to restrict line
usage.
For example, if you want many users to have access to the clear line command, you can assign it level 2 security
and distribute the level 2 password fairly widely. But if you want more restricted access to the configure
command, you can assign it level 3 security and distribute that password to a more restricted group of users.
Command Privilege Levels
When you set a command to a privilege level, all commands whose syntax is a subset of that command are
also set to that level. For example, if you set the show ip traffic command to level 15, the show commands
and show ip commands are automatically set to privilege level 15 unless you set them individually to different
levels.
Related Topics
Setting the Privilege Level for a Command, on page 767
Example: Setting the Privilege Level for a Command, on page 772
Changing the Default Privilege Level for Lines, on page 769
Logging into and Exiting a Privilege Level, on page 770
How to Control Switch Access with Passwords and Privilege Levels
Setting or Changing a Static Enable Password
The enable password controls access to the privileged EXEC mode. Follow these steps to set or change a
static enable password:
SUMMARY STEPS
1. enable
2. configure terminal
3. enable password password
4. end
5. show running-config
6. copy running-config startup-config
Consolidated Platform Configuration Guide, Cisco IOS Release 15.2(4)E (Catalyst 2960-X Switches)
758
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
