Your Ad Here

Cisco CCNA 640-802 Tutorials Part-4

Filed under: , by: Network World

Importance of the levels of privilege in the Cisco IOS

Cisco IOS offers 16 privilege levels ( 0-15) for access to different commands or to make your router more secure.

The higher your privilege level mean the more router access you have and vice versa.

But most users or network administrators are familiar with only two privilege levels:

  • User EXEC mode—privilege level 1
  • Privileged EXEC mode—privilege level 15

or

  • privilege level 0 — Includes the disable, enable, exit, help, and logout commands.

  • privilege level 1 — Normal level on Telnet; includes all user-level commands at the router> prompt.

  • privilege level 15 — Includes all enable-level commands at the router# prompt.


By default you are in user EXEC mode (level 1) When you log in to a Cisco router.In this mode, you have access to limited information about the router, such as the status of interfaces, and you can view routes in the routing table. However, you can't make any changes or view the running configuration file.

By typing enable command takes you to level 15, privileged EXEC mode. In the Cisco IOS, In other words, you have full access to the router.

In bigger organization to properly manage and secure the router , Cisco gives the idea of levels

Configure the Levels

  • Show privilege: This command displays the current privilege. Here's an example:
router# show privilege
Current privilege level is 3
  • Enable: this command used to go to privileged EXEC mode. However, it can also take you to any privileged mode. Here's an example:
router# show privilege
Current privilege level is 3
router# enable 1
router> show privilege
Current privilege level is 1
router>
  • User: While this command configures users, it can also tell the IOS which privilege level the user will have when logging in. Here's an example:
router(config)# username test password test privilege 3
  • Privilege: This command configures certain commands to be available only at certain levels. Here's an example:
router(config)# enable secret level 5 level5pass
  • Enable secret: By default, this command creates the password to get to privilege mode 15. However, you can also use it to create passwords to get into other privilege modes that you create.

0 comments:

Post a Comment
Subscribe to: Post Comments (Atom)