Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1000
Views
0
Helpful
1
Replies

ACS Command Set Examples

mvann
Level 1
Level 1

‎10-18-2013 08:44 AM - edited ‎03-10-2019 09:00 PM

Hello all,

We have an ACS server that all of our network devices point back to. I'm trying to grant our support the ability to configure port-security on our switches. I've allowed them access to configure and access ports but I'm having a hard time getting ACS to permit them to remove a mac address. The command I'm trying to allow is the following.

"no switchport port-security mac-address sticky 000d.000e.000e"

Does somebody have an example of how to allow this command and permit the removal of any mac-address? Also, is there a repository of ACS command set examples around? I've done some searching but I haven't turned anything up.


Thanks

Labels:
0 Helpful
1 Reply 1

Sam Hertica
Cisco Employee
Cisco Employee

‎10-18-2013 09:55 AM

Command set docs

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.4/user/guide/pol_elem.html#wp1077595

I couldn't find any actual examples of it in use, which is some good food for thoughts for an external doc in the future.

But it should be pretty straight-forward, just have a command entry that's set for permit and the command being 'no switchport port-security mac-address sticky *'

The * would allow for any argument after sticky keyword.

If that doesn't work, what step of the process are you failing at? Can you get dropped into global config? Interface config?

0 Helpful
Customers Also Viewed These Support Documents