Tuesday, October 10, 2017

CISCO. How to access a switch with limited permissions



I explain how to create a user who can access the switch with limited permissions, for example a network operator or help desk user.



Configure Switch. Commands:

aaa new-model
aaa authentication login default local
aaa authorization exec default local

privilege interface level 10 duplex
privilege interface level 10 speed
privilege interface level 10 shutdown
privilege interface all level 10 switchport
privilege interface level 10 description
privilege interface level 10 no duplex
privilege interface level 10 no speed
privilege interface level 10 no shutdown
privilege interface all level 10 no switchport
privilege interface level 10 no description
privilege interface level 10 no
privilege configure level 10 interface
privilege exec level 10 configure terminal
privilege exec level 10 configure
privilege exec level 10 show mac
privilege exec level 10 show arp
privilege exec level 10 show running-config interface
privilege exec level 10 show logging
privilege exec level 10 show interfaces

privilege exec level 10 show

Configure User. Assign user privileges. Commands:

(config)# username NOMBRE privilege 10      
   

With this configuration the user Jxxxx can run the commands assigned to privilege level 10 and lower.

Another example. Commands:

username gontest privilege 5 password gontest
privilege exec level 4 show running-config view full


Checked on 2960 / 3780 switches.
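
Added example (not part of the original post and not a Cisco tool): a small Python audit of a saved configuration that lists the re-levelled commands each user inherits at their privilege level and lower, and flags users defined without the secret keyword or able to reach configuration mode. The sample config is constructed from the commands above; the function names and issue labels are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample, assembled from commands shown in this post.
SAMPLE_CONFIG = """\
privilege interface all level 10 switchport
privilege configure level 10 interface
privilege exec level 10 configure terminal
privilege exec level 10 show running-config interface
privilege exec level 4 show running-config view full
username NOMBRE privilege 10
username gontest privilege 5 password gontest
"""

PRIV_RE = re.compile(r"privilege\s+(\S+)\s+(?:all\s+)?level\s+(\d+)\s+(.+)$")

def parse(config):
    """Return ({level: [(mode, command)]}, {user: {"level", "credential"}})."""
    levels, users = defaultdict(list), {}
    for line in map(str.strip, config.splitlines()):
        if m := PRIV_RE.match(line):
            levels[int(m.group(2))].append((m.group(1), m.group(3)))
        elif m := re.match(r"username\s+(\S+)(.*)$", line):
            lvl = re.search(r"\bprivilege\s+(\d+)", m.group(2))
            cred = re.search(r"\b(secret|password)\b", m.group(2))
            users[m.group(1)] = {"level": int(lvl.group(1)) if lvl else 1,  # IOS default
                                 "credential": cred.group(1) if cred else None}
    return levels, users

def effective_commands(levels, user_level):
    """Re-levelled commands a user inherits: their own level and every lower one."""
    return sorted((lvl, mode, cmd) for lvl, cmds in levels.items()
                  if lvl <= user_level for mode, cmd in cmds)

def findings(levels, users):
    """Hypothetical issue labels: 'not-using-secret', 'config-mode-access'."""
    out = []
    for name, u in sorted(users.items()):
        # 'password' is stored in clear text or reversible type 7; 'secret' is hashed.
        if u["credential"] != "secret":
            out.append((name, "not-using-secret"))
        cmds = effective_commands(levels, u["level"])
        if any(mode == "exec" and cmd.startswith("configure") for _, mode, cmd in cmds):
            out.append((name, "config-mode-access"))
    return out

if __name__ == "__main__":
    print(findings(*parse(SAMPLE_CONFIG)))
```

On the sample, the level 5 user inherits only the level 4 command, while the level 10 user inherits every re-levelled command, including configure terminal.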
by GoN | Published: October 10, 2017 | Last Updated: