I have a Cisco PIX 515E running version 6.3. I wish to limit the privilege of users that login to the PIX. I have the following commands in my PIX:
aaa-server LOCAL protocol local
aaa authentication ssh console LOCAL
aaa authorization command LOCAL
username pixadmin password 12345 privilege 15
username user1 password abcde privilege 0
username user2 password abcde privilege 1
My problem is that when I login (SSH) to my PIX using user1 and user2 who have been given low privilege, I can do ANYTHING with the PIX; I can perform ANY commands. Anything wrong with my commands? Anything is still missing in the configuration? Please advise. Thank you.