Hi,
I have a few routers that I'd like to provide access to for support staff, but I don't want them to have access to everything on the router or switch. I've looked at using privilege levels and a TACACS server and also Role-based CLI (RBAC).
The Role-based CLI is a bit more granular for what I had in mind; however, it doesn't seem to quite fit the bill for what I want to achieve - which is below.
1. Allow access to create and modify ACLs - but don't allow access to modify some specific ACLs
2. Allow BGP neighbor to be created and modified - but not certain critical neighbors
I'd be grateful for any input on how/if this could be done.
Thanks,
Jonno