Viewing Command Privilege Levels; Configuring Tacacs+ Command Authorization - Cisco Catalyst 6500 Series Configuration Manual
Catalyst 6500 series switch and
cisco 7600 series router firewall services
Hide thumbs
Also See for Catalyst 6500 Series:
- Software configuration manual (570 pages) ,
- Configuration note (212 pages) ,
- Installation manual (194 pages)
Table of Contents
Advertisement
Chapter 12
Configuring AAA
FWSM/contexta(config)# privilege configure level 15 mode configure command configure
FWSM/contexta(config)# privilege configure level 15 mode enable command configure
This last line is for the configure terminal command.
Note
Viewing Command Privilege Levels
The following commands allow you to view privilege levels for commands.
•
•
•
For example, for the show privilege all command, the system displays the current assignment of each
CLI command to a privilege level. The following example illustrates the first part of the display:
FWSM(config)# show privilege all
privilege show level 15 command aaa
privilege clear level 15 command aaa
privilege configure level 15 command aaa
privilege show level 15 command aaa-server
privilege clear level 15 command aaa-server
privilege configure level 15 command aaa-server
privilege show level 15 command access-group
privilege clear level 15 command access-group
privilege configure level 15 command access-group
privilege show level 15 command access-list
privilege clear level 15 command access-list
privilege configure level 15 command access-list
privilege show level 15 command activation-key
privilege configure level 15 command activation-key
....
The following command displays the command assignments for privilege level 10:
FWSM/contexta(config)# show privilege level 10
privilege show level 10 command aaa
The following command displays the command assignment for the access-list command:
FWSM/contexta(config)# show privilege command access-list
privilege show level 15 command access-list
privilege clear level 15 command access-list
privilege configure level 15 command access-list
Configuring TACACS+ Command Authorization
If you enable TACACS+ command authorization, and a user enters a command at the CLI, the FWSM
sends the command and username to the TACACS+ server to determine if the command is authorized.
OL-6392-01
To show all commands, enter the following command:
FWSM/contexta(config)# show privilege all
To shows command for a specific level, enter the following command:
FWSM/contexta(config)# show privilege level level
The level is an integer between 0 and 15.
To show the level of a specific command, enter the following command:
FWSM/contexta(config)# show privilege command command
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide
Configuring Command Authorization
12-13
Advertisement
Table of Contents
Troubleshooting
