I need to create a role in a 7K version 6.2(16) for a server admin to be able to add and remove one variation of a route (in the middle of the night, so I don't want to get up unless he calls me if it all goes wrong).
The commands he needs to be able to execute are:
ip route 10.11.20.23/32 10.10.10.26 tag 10
ip route 10.11.20.23/32 10.10.10.27 tag 10
no ip route 10.11.20.23/32 10.10.10.26 tag 10
no ip route 10.11.20.23/32 10.10.10.27 tag 10
I fiddled with roles a little, but it's not straightforward how to make this happen. Here's what I have:
role name serveradmin
rule 10 permit command config t
rule 1 permit command ip route 10.11.20.23/32 10.10.10.2 tag 10
rule 2 permit command no ip route 10.11.20.23/32 10.10.10.2 tag 10
It said it supported regex, so I figured I'd just go for that.
Once I go into "config t"I don't have any options. I'm guessing "command" means exec mode and doesn't count for config mode. However, I don't see a way to do anything for config mode besides read-write features, ip routing not being one of those. Any suggestions?
. My work contains abbundance of networking gear.i have 3945 routers with attatched nme,3850 switches 48 gig port with 4 tengig port,3850 switch with 16 fiber ports, fortigate 600d along with servers with 8tbs of free space.if you have any labs for me id ...
Hello I have a network in prodcution like it mensionned in this picture. The customer wants to renovate the current infrastructure by changing all the hardware. For this reason we had think about deploying DNA Center and make automat...
I want to show how to quickly and reliably troubleshoot a network using notepad++.If you are not using Cisco GENIE and your network is not very big and you have several routers/switches only.For illustration, I created a simple topology.First, the loopbac...