The 16 Privilege Levels of Cisco IOS
Posted on February 5, 2010
Many network administrators who work with Cisco IOS have never bothered to consider which privilege levels they are using or what those levels mean. However, Cisco IOS actually has 16 different privilege levels. David Davis discusses these levels and introduces the main commands you need to configure them.
Do you know why Cisco IOS provides 16 different privilege levels for commands?
The higher your privilege level in Cisco IOS, the more operations you can carry out on the router. But the majority of Cisco router users are familiar with only two privilege levels:
User EXEC mode – privilege level 1
Privileged EXEC mode – privilege level 15
In the default configuration, when you log on to a Cisco router you are in user EXEC mode (level 1). In this mode you can view some information about the router, such as interface status, and you can view the routes in the routing table. However, you cannot make any changes or view the running configuration file.
Because of these limitations, the majority of Cisco router users immediately type enable to leave user EXEC mode. By default, typing enable takes you to level 15, that is, privileged EXEC mode. In Cisco IOS, this level is equivalent to having root privileges in UNIX or administrator privileges in Windows. In other words, you have full control of the router.
Because the network is maintained by only a small number of people, each of them usually has the privileged mode password. However, in some cases those small or medium-sized companies will continue to grow, and the question of permissions will become more complex.
Problems often arise when there is a support group, or there are less experienced administrators, who do not need that much access to the router. Maybe they just need to connect to the router to view the running configuration or reset interfaces.
In this case, these people need to operate at a level somewhere between level 1 and level 15. Keep in mind the principle of least privilege: grant only the minimum access necessary.
There are many possible ways to configure IOS users and permissions, and I cannot describe each method in detail in one article. Therefore, we will focus on the basic commands used when configuring privilege levels.
Show privilege: This command displays the current privilege level. Here’s an example:
router# show privilege
Current privilege level is 3
Enable: Administrators typically use this command to enter privileged EXEC mode. However, it can also take you to any other privilege level. Here’s an example:
router# show privilege
Current privilege level is 3
router# enable 1
router> show privilege
Current privilege level is 1
router>
Username: This command not only creates the user, it also tells IOS which privilege level the user will have at login. The password must be the last option on the line, so the privilege keyword comes before it. Here’s an example:
router(config)# username test privilege 3 password test
Privilege: This command makes certain commands available only at a certain privilege level. It is used in the support user example below.
Enable secret: By default, this command creates the password for entering privileged mode (level 15). However, you can also use it to create passwords for entering the other privilege levels that you create. Here’s an example:
router(config)# enable secret level 5 level5pass
Let us look at an example. Suppose you want to create a support user who can log on to the router and view the startup configuration (and any other level 1 information). The commands you would enter might be:
router(config)# username support privilege 3 password support
router(config)# privilege exec level 3 show startup-config
Note that the enable secret command is not needed unless you want a user who has already logged in to be raised to level 3 by entering a password. In our example, the new user (support) is already at level 3 and needs no additional enable secret password after logging in.
In addition, it is important to note that this configuration assumes the router already has user names and passwords configured. The example also assumes that you have defined the enable secret for level 15, that you have a level 15 super-user, and that you have the super-user privileges to save the startup configuration file.
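As an added example (not part of the original article), the following Python script reviews a saved configuration for the commands discussed above: it lists which commands were moved to which level and flags users at level 15, users whose custom level adds nothing over level 1, and a privilege keyword placed after the password. The sample configuration, the admin and helpdesk users, and the audit function are constructed for illustration.

```python
import re

# Constructed sample config (not from a real device), built from the
# commands discussed in the article plus hypothetical admin/helpdesk users.
SAMPLE_CONFIG = """\
enable secret level 5 level5pass
username admin privilege 15 password adminpass
username support privilege 3 password support
username helpdesk privilege 2 password helpdesk
username test password test privilege 3
privilege exec level 3 show startup-config
"""

USER_RE = re.compile(r"^username (\S+)(?: privilege (\d+))? password (.+)$")
PRIV_RE = re.compile(r"^privilege (\S+) level (\d+) (.+)$")

def audit(config):
    """Return (users, moved, findings) for the privilege-related lines."""
    users, moved, findings = {}, {}, []
    for line in map(str.strip, config.splitlines()):
        if m := USER_RE.match(line):
            name, level, password = m.groups()
            users[name] = int(level) if level else 1  # IOS default is 1
            # The password is the last option on the line, so a trailing
            # "privilege N" becomes part of the password text.
            if re.search(r" privilege \d+$", password):
                findings.append(f"{name}: 'privilege' after password is not applied")
        elif m := PRIV_RE.match(line):
            mode, level, command = m.groups()
            moved.setdefault(int(level), []).append(f"{mode}: {command}")
    for name, level in sorted(users.items()):
        if level == 15:
            findings.append(f"{name}: full control (level 15)")
        elif level > 1 and not any(1 < lvl <= level for lvl in moved):
            # Levels 2-14 only add what 'privilege' commands assign to them.
            findings.append(f"{name}: level {level} has no commands beyond level 1")
    return users, moved, findings

if __name__ == "__main__":
    users, moved, findings = audit(SAMPLE_CONFIG)
    for level in sorted(moved):
        print(f"level {level}: {moved[level]}")
    for finding in findings:
        print("finding:", finding)
```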