06-26-2009 06:44 AM - edited 03-10-2019 04:33 PM
Attemptiong to associate usernames with specific views once they login.
Views have been successfully created and associated with username, but when the user logs in - they have to enter "ena view xxxx" before the view applies to them.
My understanding from readin the RBAC material is once the user logs in, they would automatically be under the control or into that view mode.
Environment;
ISR Routers - 1800, 2800, 3800
IOS - Advipservices
Ver - 12.4(22)T
AAA - No ACS, TACACS+, or RADIUS -- just AAA New-Model
What am I missing??
Config Snippet
aaa new-model
!
!
aaa authentication login default local
aaa authentication login console local
aaa authentication login vty local
aaa authentication login local_auth local
!
!
username nocoper view NOCOPER password 7 045504050031495C49
!
!
parser view NOCOPER
secret 5 $1$mUXP$w1Oqpr/rCvkhjcviGfkE8.
commands configure include-exclusive line
commands configure exclude interface
commands exec include configure terminal
commands exec include configure
commands exec include show running-config
commands exec include show
07-02-2009 01:53 PM
Users can be associated with a local CLI View by a return attribute from AAA or in local Authentication configuration. For local configuration, the username is configured with an additional view option, which matches the configured parser view name. These example users are configured for the default SDM Views:
username fw-user privilege [privilege-level] view SDM_Firewall
username monitor-user privilege [privilege-level] view SDM_Monitor
username vpn-user privilege [privilege-level] view SDM_EasyVPN_Remote
username sdm-root privilege [privilege-level] view rootUsers who are assigned to a given view can temporarily switch to another view if they have the password for the view that they want to enter. Issue this exec command in order to change views:
enable view view-name
07-06-2009 07:15 AM
hello,
You have to add the authorization command :
aaa authorization exec default local
thank you
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide