ppp accounting through quit
primary
To assign a specified trustpoint as the primary trustpoint of the router, use the primary command in ca-trustpoint configuration mode.
primary name
Syntax Description
name |
Name of the primary trustpoint of the router. |
Command Default
No default behavior or values.
Command Modes
Ca-trustpoint configuration
Command History
Release |
Modification |
---|---|
12.2(8)T |
This command was introduced. |
12.2(18)SXD |
This command was integrated into Cisco IOS Release 12.2(18)SXD. |
12.2(33)SRA |
This command was integrated into Cisco IOS release 12.(33)SRA. |
Usage Guidelines
Use the primary command to specify a given trustpoint as primary.
Before you can configure this command, you must enable the crypto ca trustpointcommand , which defines the trustpoint and enters ca-trustpoint configuration mode.
Examples
The following example shows how to configure the trustpoint “ka” as the primary trustpoint:
cr ypto ca trustpoint ka enrollment url http://xxx primary crl option al
Related Commands
Command |
Description |
---|---|
crypto ca trustpoint |
Declares the CA that your router should use. |
privilege level
To set the default privilege level for a line, use the privilege level command in line configuration mode. To restore the default user privilege level to the line, use the no form of this command.
privilege level level
no privilege level
Syntax Description
level |
Privilege level associated with the specified line. |
Command Default
Level 15 is the level of access permitted by the enable password.
Level 1 is normal EXEC-mode user privileges.
Command Modes
Line configuration
Command History
Release |
Modification |
---|---|
10.3 |
This command was introduced. |
12.2(33)SRA |
This command was integrated into Cisco IOS release 12.(33)SRA. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
Users can override the privilege level you set using this command by logging in to the line and enabling a different privilege level. They can lower the privilege level by using the disable command. If users know the password to a higher privilege level, they can use that password to enable the higher privilege level.
You can use level 0 to specify a subset of commands for specific users or lines. For example, you can allow user “guest” to use only the show users and exit commands.
You might specify a high level of privilege for your console line to restrict line usage.
Note | Before Cisco IOS Release 12.2SXI, it was mandatory that a privilege level of 15 needed to be configured in the Access Control System (ACS) for Webauth (web authentication) to succeed. After this release, privilege configurations in the ACS are no longer mandatory. |
Note | Some CLI commands are not supported with the privilege level command. For example, commands such as router bgp, and default interface, etc cannot be associated with a privilege level. Though the global configuration CLI may accept the privilege-level assignment for these unsupported commands, they do not become part of the router's running-configuration. |
Examples
The following example configures the auxiliary line for privilege level 5. Anyone using the auxiliary line has privilege level 5 by default:
line aux 0 privilege level 5
The following example sets all show ip commands, which includes all show commands, to privilege level 7:
privilege exec level 7 show ip route
This is equivalent to the following command:
privilege exec level 7 show
The following example sets the show ip route command to level 7 and show ip commands to level 1:
privilege exec level 7 show ip route privilege exec level 1 show ip
Related Commands
Command |
Description |
---|---|
enable password |
Sets a local password to control access to various privilege levels. |