Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2158
Views
0
Helpful
4
Replies

Command authorisation set on SecureACS

kkeen
Level 1
Level 1

‎07-20-2005 09:27 PM

Guys, I'm hoping you can assist. I've defined a group for some level 2 engineers within ACS, however I want to be able to grant access for these guys to 'create' sub interfaces and have full control over those, but I do not want them to have control over the Physical interface (ie, disable shutdown and encapsulation commands as to not bring down the sub interfaces)

Does anyone have a idea how this can be achieved?

I added a deny interface e0/0

then added permit interface, however this did not work

Ideas?

Thanks in advance!

Labels:
0 Helpful
4 Replies 4

b.hsu
Level 5
Level 5

‎07-26-2005 11:14 AM

I think this cannot be achieved using command authorisation, you need to have physical control over the boxes for this.

0 Helpful

kkeen
Level 1
Level 1
In response to b.hsu

‎07-26-2005 02:32 PM

Damn - does anyone else have any input? I'd really like to achieve this if possible

0 Helpful

472189
Level 1
Level 1

‎07-27-2005 12:35 PM

Do you have config command autorization configured on the device??

0 Helpful

kkeen
Level 1
Level 1
In response to 472189

‎07-27-2005 02:21 PM

Indeed I do because I am using ACS to control access to various commands - its just I want to extend this control to limit physical interfaces only, not logical

0 Helpful
Customers Also Viewed These Support Documents