From: kevin gannon (kevin@gannons.net)
Date: Sat Oct 08 2005 - 07:36:33 GMT-3
Mike
Did some testing and if you dont use a local username/password but
just have
line vty 0 4
login
priv 15
This works fine however with local username it doesnt work like that.
So below is my solution using AAA without a TACACS/RADIUS
server:
aaa authentication login default local
aaa authorization exec default none
aaa session-id common
ip subnet-zero
!
line vty 0 4
privilege level 15
It works fine for me. Your mileage might vary depending on what
else you need AAA to do for you.
Regards
Kevin
On 10/8/05, mikenoc@mindspring.com <mikenoc@mindspring.com> wrote:
> Hello,
>
> I am trying to practice setting the default prividge level for all users who log into a router. I think there may be a way to do this withought specifying the prividge level per username. I tried using the below command under the vty lines and it does not seem to work. I set privilege level 15 in this example and when telneting from another router it is in user exec mode not priviledged. Is there a way to acomplish what I am trying to do withought using TACACS ?
>
> Thanks,
>
> Mike F.
>
>
> /line vty
> filtering...
> line vty 0 4
> exec-timeout 0 0
> privilege level 15 <------ Set the command
> login local
> line vty 5 15
> login
> !
> end
>
> SW1#
>
> R1#telnet 1.1.7.7
> Trying 1.1.7.7 ... Open
>
>
> User Access Verification
>
> Username: mike
> Password:
> SW1>conf t
> ^
> % Invalid input detected at '^' marker.
>
> SW1>exit
>
> [Connection to 1.1.7.7 closed by foreign host]
> R1#
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Sun Nov 06 2005 - 22:00:49 GMT-3