Based on George’s reply I tried to create two usernames with differents privilege leves:
username newbie privilege 8 secret 5 $1$BiPz$TLuUEbPhyDEgnwQiOC5y0/ (cisco)
username senior privilege 15 secret 5 $1$G2Ym$.1hVi/NAd1qz2/FBS7xaO0 (cisco)
I want user newibe to able to enter show commads :
privilege exec level 8 show
I wanted user senior to able to enter configure commands :
privilege exec level 15 configure
Then I enter the AAA configuration :
aaa new-model
aaa authentication login list1 local
aaa authorization exec l1 local
Then I Applied it to the line VTY 0 4
line vty 0 4
authorization exec l1
login authentication list1
Of course I configured the ENA Password :
enable secret 5 $1$la.q$EjYxrP4hcerlF88c1GX4e/ (ena)
Then I tried to access the device via telnet with a user newbie :
R2(config-if)#do telnet 192.168.1.1
Trying 192.168.1.1 ... Open
User Access Verification
Username: newbie
Password:
R1>ena
Password:
R1#show privilege
Current privilege level is 15
I don’t know what is the dummy mistake I have here, can you assist ?
What are you thoughts ?