Why can a user use commands higher than level 1 after the user level configured on the RADIUS server for the user is set to level 1

7

Run the display current-configuration command to check the configuration on the router and check whether the command line level has been changed by running the command-privilege level command.

Other related questions:
Why the user has rights of a higher level than level 1 configured on the RADIUS server after login
If a user has a higher level than the configured level on the RADIUS server after the user logs in to the AR, run the display current-configuration command to check the configurations on the AR and check whether the command-privilege level command is used to change the command line level.

Level 1 is configured for a user on the RADIUS server, but the user has more rights than rights defined in Level 1 after login. Why
Run the display current-configuration command to check the device configuration and check whether the command-privilege level command is used to change the level.

Why level-1 users can run configuration-level commands on S series switches
Level-1 users can use only the commands at level 1 and level 0, but cannot use the level-2 (configuration-level) commands. You can use the following three methods to set the user level for users logging in through AAA local authentication. The user level set in the first method has the highest priority, and the user level set in the last method has the lowest priority. Run the local-user user-name privilege level level command in the AAA view to set the user level for the user named user-name. Run the admin-user privilege level level command in the service scheme view to set a user level for all users in a domain. Run the user privilege level level command in the user view to set a user level for all users logging in through the user view. By default, the users on the console port are at level 15 and the users on the VTY user interface are at level 0. Therefore, user level 1 set in the user view does not take effect because a higher user level has been set in the AAA or service scheme view.

In the UC2.3 network environment, after lower-level users communicate with higher-level users, can lower-level users query information about higher-level users?
The higher-level users can actively contact lower-level users and lower-level users can add higher-level users as friends and query information about higher-level users. After the contact ends, if the lower-level users have not added higher-level users, the lower-level users cannot query information about higher-level users.

Does the router support user level settings using RADIUS
Yes, the router can set user levels using RADIUS. The configuration effect is the same as the local user level configuration during AAA local authentication. You can set the user levels on the RADIUS server.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top