Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
430
Views
0
Helpful
2
Replies

Local authorization query

Jonn cos
Level 4
Level 4

‎12-01-2010 09:19 PM - edited ‎03-10-2019 05:38 PM

Hi all experts.

I am using ACS to provide authentication and accounting purpose. But when ACS is not reachable (tunnel is not up but WAN ip is reachable or something like that) i am able to login to remote router via local username and able to do level 15 configuration. My requirement is as follows

1) I want to create 2 username. User1 and User2. Both of them should have access to all level 15 configuration.

2) Only restriction is that, User1 should not be able to delete or create new "ip sla" objects, like he should not be allowed to perform the following configuration

ip sla 1 or ip sla monitor 1 or ip rtr

Can someone pls guide me how to do this ?

Labels:
0 Helpful
2 Replies 2

cadet alain
VIP Alumni
VIP Alumni

‎12-02-2010 06:55 AM

Hi,

I think easiest way to do this if your IOS supports this feature is to use role-based CLI aka  views.

Regards.

Don't forget to rate helpful posts.
0 Helpful

Panos Kampanakis
Cisco Employee
Cisco Employee
In response to cadet alain

‎12-02-2010 10:41 AM

A link that explains how to set it up

http://www.cisco.com/en/US/docs/ios/12_3t/12_3t7/feature/guide/gtclivws.html

I hope it helps.

PK

0 Helpful
Top