Hi,
I'm not sure about Radius, but if you use local authentication you should
try something like this:
username abc privilege 5 password 123
username rst privilege 10 password 456
username uvw privilege 10 password 789
username xyz privilege 15 password 789 # this gives user xyz immediate
access to the enable level (15)
!
Then you should have to change all non privileged level commands, except
PING, to a level higher than the user that should be allowed to PING:
!
privilege exec level 10 enable
privilege exec level 10 show
privilege exec level 10 telnet #
and so on (type ? on non privileged prompt to see a list of the commands you
should change)
privilege exec level 5 ping # This is optional. You may list here all
commands that user abc will be allowed, just for documentation.
!
At the vty line do this:
!
line vty 0 4
no password
login local
!
Hope this helps!
ER
----- Original Message -----
From: "kaushalenders"
To:
Sent: Thursday, September 06, 2001 4:28 AM
Subject: prvilige on vty [7:18769]
hi
I want that my all vty user should pe authenticated by radius and 1 of them
should able to ping only and can not do any thing else.How can i set that
privelege to user on vty . plz help me
i have tried
aaa new-model
aaa authentication login default radius
now what command i have to give to set the privilige
yhanxs
kaushalender
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=19035&t=18769
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
