cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

780
Views
0
Helpful
1
Replies
royalblues
Advocate

acs 5.2 shell authorization sets

Can someone point me to a guide on how to configure shell auth sets in 5.2

I have done it in 4.2 but can't seem to get it working in new version

Requirement is to just allow shut / no shut command but as soon as I give access to config terminal the user gets all access

Narayan

Sent from Cisco Technical Support iPhone App

1 REPLY 1
andamani
Cisco Employee

Hi,

Please do the following:

Policy elements > Command Sets > Create

Give a name

Enter the grant condition , commands and arguments

Click on ADD

Click on Submit

Click on Access-policy > Device Default Access > Authorization > Customize

Customized results > Available:Select Command set > Move to selected

ok.

Select the rule to apply TACACS authorization on the default device admin authorization page.

In the results of the shell profile Command set . Click on Select and select the command set you created.

Click on Ok.

Hope this helps.

Regards,

Anisha

P.S.: please mark this thread as answered if you feel your query is resolved. Do rate helpful posts.

Create
Recognize Your Peers
Content for Community-Ad

ISE Webinars


Miss a previous ISE webinar?
Never miss one again!

CiscoISE on YouTube