Solved

Cisco router user limited configuration access level

Posted on 2012-03-26
7
560 Views
Last Modified: 2012-06-22
Hello Experts,

I have a Cisco Router and I would like to limit a user access to the following:
1. Can not read or view the entire cisco router configuration
2. Can not add, change modify the configuration
3. I would like to only allow ping access to different network resources for troubleshooting

Any ideas are greatly apprecialted.
0
Comment
Question by:RandallVillalobos
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 5

Expert Comment

by:abhishek1986
ID: 37769783
If you want users not to be able to access switch via telnet, you can simply not tell them the password for the switch. Pinging is allowed by default and so you need not do anything for that.
If you have something else in mind, please be more specific as to your requirements and there are various features and privilege and roles that can be set for users, there are options to use AAA servers, Radius Servers as well for role definition and setup.
0
 

Author Comment

by:RandallVillalobos
ID: 37772329
Hello,

I would like to create a restricted local database user authentication (not AAA).
I remember a long time a ago, I was given a router username where I could only run certain features.

Not giving the enable password will not work (just tried it) because I can not run extended pings.

Thank you
0
 

Author Comment

by:RandallVillalobos
ID: 37778149
Any ideas?
0
Will your db performance match your db growth?

In Percona’s white paper “Performance at Scale: Keeping Your Database on Its Toes,” we take a high-level approach to what you need to think about when planning for database scalability.

 
LVL 5

Expert Comment

by:abhishek1986
ID: 37780269
Do you want other users to log in to the switch or not?
0
 

Author Comment

by:RandallVillalobos
ID: 37783717
Hi abhishek1986,

Yes, I would like for them to log in the router with local authentication.  Thanks for the help.
0
 
LVL 5

Accepted Solution

by:
abhishek1986 earned 500 total points
ID: 37785552
There are ways regarding that:

Cisco routers have options to configure and customize 14 levels of privileged access.

http://www.cisco.com/en/US/docs/ios/12_2t/12_2t13/feature/guide/ftprienh.html
0
 

Author Closing Comment

by:RandallVillalobos
ID: 37787257
thanks
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There is a lot to be said for protecting yourself and your accounts with 2 factor authentication.  I found to my own chagrin, that there is a big downside as well.
This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Suggested Courses
Course of the Month6 days, 23 hours left to enroll

622 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question