Lab Objective:
The objective of this lab exercise is for you to learn and understand how to configure user privileges on devices.
Lab Purpose:
Configuring user privilege levels on Cisco IOS devices is a fundamental skill. Users can be configured with certain privilege levels that allow them to execute certain commands. As a Cisco engineer, as well as in the Cisco CCNA exam, you will be expected to know how to configure user privilege levels on Cisco IOS devices.
Certification Level:
This lab is suitable for CCNA certification exam preparation.
Lab Difficulty:
This lab has a difficulty rating of 6/10.
Readiness Assessment:
When you are ready for your certification exam, you should complete this lab in no more than 10 minutes.
Lab Topology:
Please use the following topology to complete this lab:
Task 1:
Configure the hostnames on R1 and R3 as illustrated in the topology.
Task 2:
Configure R1 to provide clocking to R3 at a rate of 2 Mbps. Next, configure the IP addresses on R1 and R3 as illustrated in the network topology.
Task 3:
Configure the VTY lines on R3 to allow users to log into the router based on locally configured usernames and passwords. Also, configure the enable secret of SAFE on R3.
Task 4:
Configure R3 with the following user accounts:
Connect via Telnet from R1 to R3. First, log in with the username admin and check your privilege level and the router prompt after login. Next, log in with the username test and check your privilege level and the router prompt after login. Do you notice any differences?
Configuration and Verification
Task 1:
For reference information on configuring hostnames, please refer to earlier labs.
Task 2:
For reference information on configuring DCE clocking and IP addressing, please refer to earlier labs.
Task 3:
R3#conf t Enter configuration commands, one per line. End with CTRL/Z. R3(config)#line vty 0 4 R3(config-line)#login local R3(config-line)#end R3#
NOTE: The login local command specifies that the device should use the local database for user authentication. When configured, you must also configure username and password pairs to be used to gain access to the device.
Task 4:
R3#conf t Enter configuration commands, one per line. End with CTRL/Z. R3(config)#username admin privilege 15 password cisco R3(config)#username test privilege 1 password cisco R3(config)#end R3# R1#telnet 192.168.254.2 Trying 192.168.254.3 ... Open User Access Verification Username: admin Password: R3# R1#telnet 192.168.254.2 Trying 192.168.254.3 ... Open User Access Verification Username: test Password: R3>
NOTE: Notice how user admin is automatically in Privileged Exec mode after successful login, as illustrated by the # symbol; however, you can see that user test (who has a privilege level of 1) is automatically put into User Exec mode after successful login, as illustrated by the > symbol.