Lab Objective:
The objective of this lab exercise is for you to learn and understand how to configure privilege levels for certain commands and passwords on Cisco IOS devices.
Lab Purpose:
Configuring user privilege levels on Cisco IOS devices is a fundamental skill. Users can be configured with certain privilege levels that allow them to execute certain commands. As a Cisco engineer, as well as in the Cisco CCNA exam, you will be expected to know how to configure user privilege levels on Cisco IOS devices.
Certification Level:
This lab is suitable for CCNA certification exam preparation.
Lab Difficulty:
This lab has a difficulty rating of 6/10.
Readiness Assessment:
When you are ready for your certification exam, you should complete this lab in no more than 10 minutes.
Lab Topology:
Please use any single Cisco IOS router or switch to complete the following lab.
Task 1:
Configure a hostname of your liking on your Cisco IOS router or switch. It may be easier to use a router for this lab.
Task 2:
Configure the secret level 15 password cisco456 on your device.
Task 3:
Issue the show ip interface brief command from User Exec mode (i.e., where you see the > symbol after the device name). Verify that this command works and you do see the current interface status.
Task 4:
Configure the show ip interface brief command to work only for users with Level 15 access.
Task 5:
If you are connected via the console, type in the disable command to return to User Exec mode (i.e., where you see the > symbol after the device hostname). Next, issue the show ip interfaces brief command. If you have configured your device correctly, this command will no longer work in User Exec mode.
Task 6:
Next, type in enable and type in the Level 15 password cisco456. Attempt to issue the show ip interface brief command. If your configuration is correct, this will work.
Configuration and Verification
Task 1:
For reference information on configuring hostnames, please refer to earlier labs.
Task 2:
R1#conf t Enter configuration commands, one per line. End with CTRL/Z. R1(config)#enable secret level 15 cisco456 R1(config)#^Z R1#
Task 3:
R1>show ip interface brief Interface IP-Address OK? Method Status Protocol Ethernet0/0 unassigned YES manual administratively down down Serial0/0 unassigned YES manual administratively down down Serial0/1 unassigned YES manual administratively down down
Task 4:
R1#conf t Enter configuration commands, one per line. End with CTRL/Z. R1(config)#privilege exec level 15 show ip interface brief R1(config)#end R1#
NOTE: The privilege exec command is used to set different privilege levels for commands. By default, the show ip interfaces brief command has a privilege level of 1, which means that it can be issued from the User Exec prompt (i.e., the > prompt after the hostname of the device).
Task 5:
R1#disable R1>show ip interface brief ^ % Invalid input detected at “^” marker.
Task 6:
R1>enable Password: R1#show ip interface brief Interface IP-Address OK? Method Status Protocol Ethernet0/0 unassigned YES manual administratively down down Serial0/0 unassigned YES manual administratively down down Serial0/1 unassigned YES manual administratively down down