cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1943
Views
0
Helpful
6
Replies

ISE TACACS command authorization question

Richard Dumag
Level 1
Level 1

Hello,,

I would like to allow entry level admins to be able to configure all switch access interfaces/ports.  What is the command?  I've tried different commands but to no avail.  Below are what I have tried so far but do not work.  Any assistance is appreciated.  Thanks.

 

permit      configure      interface all

permit      configure      interface GigabitEthernet all

permit      configure      interface .*

permit      configure      interface GigabitEthernet .*

 

Richard

 

2 Accepted Solutions

Accepted Solutions

Seb Rupik
VIP Alumni
VIP Alumni

Hi there,

The columns are grant, command, argument. So you will want something like:

 

permit    configure    terminal
permit    interface    GigabitEthernet.*

cheers,

Seb.

View solution in original post

Hi Richard,

It should be:

Permit      shutdown
Permit      no                  shutdown

 Leave out the .*

 

cheers,

Seb.

View solution in original post

6 Replies 6

Seb Rupik
VIP Alumni
VIP Alumni

Hi there,

The columns are grant, command, argument. So you will want something like:

 

permit    configure    terminal
permit    interface    GigabitEthernet.*

cheers,

Seb.

Hi Seb, 

Thank you for responding and explaining. I will give it a try and let you know. 

 

Richard

 

Hi Seb,

That worked.  Thank you again.

Richard 

Hi Seb,

I have another question.  How can I grant shutdown and no shutdown commands.

I've tried different ways but could not get it to work.  For example

 

permit    shutdown      .*

permit    no shutdown  .*

permit    interface  GigabitEthernet.* shutdown

permit   interface    GigabitEthernet.*  no shutdown

 

Appreciate your help.  Thanks.

 

Richard

 

 

 

Hi Richard,

It should be:

Permit      shutdown
Permit      no                  shutdown

 Leave out the .*

 

cheers,

Seb.

Hi Seb,

Thank you for the quick reply.  I think I'm understanding the process now.  

 

Richard