Re: Problems with privilege mode 5 commands

From: Larry Roberts (groupstudy@american-hero.com)
Date: Thu Feb 09 2006 - 10:14:45 GMT-3

• Next message: mani poopal: "show run- pri levels between 2-14"
• Previous message: bi.s: "Re: Should presales engenier have CCIE???"
• Maybe in reply to: Anderson Mota Alves: "Problems with privilege mode 5 commands"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Andy,

Put in just "privilege interface level 5 ip address" and take a look at
your running config.
you should see both in there. Similarly for my "write" command
"configure" command and "undebug".

Adding one adds the other, at least in my IOS it does.

Anderson Mota Alves wrote:

>Hi Larry,
>
>Thanks for your solution, now that I saw your solution I have a question
>to make I've seen that for example to configure an ip address people
>usually configure
>
>privilege interface level 5 ip and then
>
>privilege interface level 5 ip address but my question is do I really
>need to use ip and then ip address? Because I used only the ip address
>and worked for me, so I'm wondering imagine we get this requirement in
>the ccie lab do you think I will be punished if I use both of the
>commands since the only one worked anyway, or maybe I'm missing something
>here so that's why we need to put the ip and then ip address.
>
>Any comments are helpful !!!
>
>Thanks,
>
>Andy
>
> --------------------------------------------------------------------
>
> From: Larry Roberts <groupstudy@american-hero.com>
> Reply-To: Larry Roberts <groupstudy@american-hero.com>
> To: Anderson Mota Alves <mota_anderson@hotmail.com>
> CC: mario.salzano@siemens.com, jenseike@start.no,
> ccielab@groupstudy.com
> Subject: Re: Problems with privilege mode 5 commands
> Date: Wed, 08 Feb 2006 21:59:04 -0500
> >my solution using AAA. I removed unrelated config info.
> >
> >username cisco privilege 15 password 0 cisco
> >username test5 privilege 5 password 0 test5
> >aaa new-model
> >!
> >!
> >aaa authentication login default local
> >aaa authorization config-commands
> >aaa authorization exec default local
> >aaa authorization commands 5 default local
> >aaa authorization commands 15 default local
> >!
> >privilege interface level 5 ip address
> >privilege interface level 5 ip
> >privilege configure level 5 interface
> >privilege exec level 5 write memory
> >privilege exec level 5 write
> >privilege exec level 5 ping
> >privilege exec level 5 configure terminal
> >privilege exec level 5 configure
> >privilege exec level 5 undebug all
> >privilege exec level 5 undebug
> >!
> >line con 0
> >line aux 0
> >line vty 0 4
> >!
> >!
> >end
> >
> >
> >Anderson Mota Alves wrote:
> > > Hi Mario,
> > >
> > > Thanks for the advise I tried your command and everything worked
> just
> > > fine :-D Actually I didn't need to put the privilege interface
> level 5 ip
> > > and then privilege interface level 5 ip address I just put the
> privilege
> > > interface level 5 ip address.
> > >
> > > Something to be aware of is that if you have a requeriment to
> configure
> > > this and to put into the telnet lines line vty 0 4 and for some
> reasons
> > > you don't have other user configured for privilege level 15 you
> may get
> > > yourself locked if you time out or try to reconnect the
> connection
> > > because after configured line vty 0 4 and login local if you have
> only a
> > > user in level 5 you won't have anymore rights than previously
> configured.
> > >
> > > Thanks Jens and Mario.
> > >
> > >
> --------------------------------------------------------------------
> > >
> > > From: "Salzano, Mario Arthur Costa"
> <mario.salzano@siemens.com>
> > > Reply-To: "Salzano, Mario Arthur Costa"
> <mario.salzano@siemens.com>
> > > To: "Jens Petter Eikeland" <jenseike@start.no>, "Anderson Mota
> > > Alves" <mota_anderson@hotmail.com>, <ccielab@groupstudy.com>
> > > Subject: RE: Problems with privilege mode 5 commands
> > > Date: Wed, 8 Feb 2006 17:13:31 -0200
> > > >Hi Andy,
> > > >
> > > >Try to use the commands: privilege interface level 5 ip and
> > > privilege
> > > >interface level 5 ip address. I did this way and it worked
> properly.
> > > >Tell me the result, ok?
> > > >
> > > >Good Luck!
> > > >
> > > >
> > > >-----Original Message-----
> > > >From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On
> Behalf
> > > Of
> > > >Jens Petter Eikeland
> > > >Sent: Wednesday, February 08, 2006 1:58 PM
> > > >To: Anderson Mota Alves; ccielab@groupstudy.com
> > > >Subject: Re: Problems with privilege mode 5 commands
> > > >
> > > >have you tried debuging this to see what is really happening.
> also
> > > you
> > > >should add the "privilege exec level 5 configure" command.
> also try
> > > >remove
> > > >the enable secret 5 and then test.. test with only the
> commands that
> > > are
> > > >
> > > >needed to do the task... do the basics.. the config looks good
> to
> > > me, so
> > > >the
> > > >debug should tell you something more about it.
> > > >----- Original Message -----
> > > >From: "Anderson Mota Alves" <mota_anderson@hotmail.com>
> > > >To: <ccielab@groupstudy.com>
> > > >Sent: Wednesday, February 08, 2006 2:39 PM
> > > >Subject: Problems with privilege mode 5 commands
> > > >
> > > >
> > > > > Hi everyone, I have a requirement to make stated below and
> I made
> > > a
> > > > > resolution yesterday in my lab but the problem is that when
> I
> > > tried to
> > > > > assign an ip address to an interface logged in level 5 with
> the
> > > >commands
> > > > > I configured I can't make it, so I was wondering if someone
> here
> > > could
> > > > > help me out?Configure an user in privilege mode 5 with
> username
> > > user5
> > > >and
> > > > > password user5 and he must be able to do the following:
> > > > > Make an extended ping
> > > > > Configure interfaces
> > > > > Assign and remove IP address to an interface
> > > > > Save the config in NVRAM
> > > > > and turn off all the debugging in the router My
> > > resolution:username
> > > > > cisco5 privilege 5 password 0 cisco5
> > > > > enable secret level 5 5 $1$bkFU$AyQYwdii5.bP8n4hMKut6.
> privilege
> > > > > configure level 5 interface
> > > > > privilege configure level 5 ip address
> > > > > privilege exec level 5 ping
> > > > > privilege exec level 5 configure terminal
> > > > > privilege exec level 5 copy run start
> > > > > privilege exec level 5 undebug all line console 0
> > > > > login local Any comments are really appreciated !!!
> Regards,
> > > > > Andy
> > > > >
> > > > >
> > >
> >_______________________________________________________________________
> > > > > Subscription information may be found at:
> > > > > http://www.groupstudy.com/list/CCIELab.html
> > > >
> > >
> >_______________________________________________________________________
> > > >Subscription information may be found at:
> > > >http://www.groupstudy.com/list/CCIELab.html
> > > >
> > >
> >_______________________________________________________________________
> > > >Subscription information may be found at:
> > > >http://www.groupstudy.com/list/CCIELab.html
> > >
> > >
> _______________________________________________________________________
> > > Subscription information may be found at:
> > > http://www.groupstudy.com/list/CCIELab.html
> >
> >_______________________________________________________________________
> >Subscription information may be found at:
> >http://www.groupstudy.com/list/CCIELab.html
>
>_______________________________________________________________________
>Subscription information may be found at:
>http://www.groupstudy.com/list/CCIELab.html

• Next message: mani poopal: "show run- pri levels between 2-14"
• Previous message: bi.s: "Re: Should presales engenier have CCIE???"
• Maybe in reply to: Anderson Mota Alves: "Problems with privilege mode 5 commands"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Wed Mar 01 2006 - 11:28:17 GMT-3