440
Chapter 11
Access Policies
map-class
Allows changes and configuration of map-class
map-list
Allows entrance to map-list
route-map
Allows entrance to route map configuration mode
router
Allows changes to routing protocols
To configure privileges, you configure an enable password for each level
and then assign commands that each level can perform. For Cisco IOS
devices, use the following command to set the level passwords:
Enable password level level password
Then set the privilege command as follows using the list of most com-
monly used privilege mode commands as valid modes:
Privilege mode level level command
Here is an example of how to set a password for a level 5 user, then enable
that user to execute the ping command, which is a level 15 command:
Router(config)#enable password level 5 todd
Router(config)#privilege exec level 5 ping
Router(config)#^Z
Type the command show privilege to see the current privilege:
Router#sh priv
Current privilege level is 15
Router#
You can then have the user log in with the enable 5 command, which
will prompt the user for the level 5 enable password:
Router>ena 5
Password:
Finally, you can type show privilege to see the new privilege level:
Router#sh priv
Current privilege level is 5
Router#
Copyright ©2000 SYBEX , Inc., Alameda, CA
www.sybex.com