Greetings,
I have been looking for answers regarding a problem I have run into while planning a network. Unfortunately, I have not been able to find an answer to my specific question and would greatly appreciate any help.
The context is as follows: For a Networking class, students will be configuring Cisco Routers(ISR 3322). The routers are off-site and will be accessed via telnet/ssh.
To keep the students from locking themselves out of the device, i want to restrict them from changing the configuration of the management interface.
I've seen commands for restricting certain commands altogether but i want the students to still be able to change the configs of the other interfaces, just not the management one. Is there a way of doing this?