Name: Cisco Catalyst 250 Series
Brand: Cisco
Rating: 4 (1 reviews)

To Next Page

To Previous Page

Privilege Levels

Cisco switches (and other devices) use privilege levels to provide password security for different levels of

switch operation. By default, the Cisco IOS software operates in two modes (privilege levels) of password

security: user EXEC (Level 1) and privileged EXEC (Level 15). You can configure up to 16 hierarchical

levels of commands for each mode. By configuring multiple passwords, you can allow different sets of users

to have access to specified commands.

Privilege Levels on Lines

Users can override the privilege level you set using the privilege level line configuration command by logging

in to the line and enabling a different privilege level. They can lower the privilege level by using the disable

command. If users know the password to a higher privilege level, they can use that password to enable the

higher privilege level. You might specify a high level or privilege level for your console line to restrict line

usage.

For example, if you want many users to have access to the clear line command, you can assign it level 2 security

and distribute the level 2 password fairly widely. But if you want more restricted access to the configure

command, you can assign it level 3 security and distribute that password to a more restricted group of users.

Command Privilege Levels

When you set a command to a privilege level, all commands whose syntax is a subset of that command are

also set to that level. For example, if you set the show ip traffic command to level 15, the show commands

and show ip commands are automatically set to privilege level 15 unless you set them individually to different

levels.

Cisco Catalyst 250 Series User Manual

Other manuals for Cisco Catalyst 250 Series