Problem with Privilege levels on a Cisco 1811 running 12.4(6)T

In my config of an 1811 running version 12.4(6)T, , I have a user set up as follows:

username himom privilege 3 secret 5 <secret>

Then, in the line section, I have the following:

line vty 0 4
 privilege level 15
 login local
 transport input ssh

Yet, when user himom connects via SSH, he gets level 3 instead of 15.  The same occurs if the username definition has no privilege statement.
I can also confirm that the user is connecting to vty 0:

gw-inet.mia-cbp#show users
    Line       User       Host(s)              Idle       Location
   6 vty 0     himom      idle                 00:00:06 <ip address>

(note: I edited out my root account info and the ip addresses, but they shouldn't matter)

Can anyone tell me why user himom isn't getting level 15 upon login?

Who is Participating?
Don JohnstonConnect With a Mentor InstructorCommented:
The "login local" command instructs the IOS to authenticate using the accounts defined by "username..." The "priviledge level 15" is not a factor. What matters is what priviledge level is specified in the username statement.

If you want the "priviledge level 15" command on your line vty's to take effect you need to remove the "login local" command.
Don JohnstonInstructorCommented:
When you authenticate using the local database, the priviledge level received is what the user account specifies.
guykingAuthor Commented:

I'm sorry, but I don't understand your comment.  You said "When you authenticate using the local database, the priviledge level received is what the user account specifies."

What does the "local database" have to do with the fact that the "line" privilege setting is ignored?  When else is it ignored?
Better yet, when isn't it ignored?

I am sorry that I am so clueless, but I suspect that there is some much bigger picture issue that I am missing here.

Hi Guyking,

Can you tell me if you ever found the solution to the index files (low disk space) problem you had last winter?  I have the same thing going on . . .

Just email me at so that I don't cause trouble on * this * topic.


Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.