Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
771
Views
0
Helpful
2
Replies

it is Possible with ACS 5.8?

Kevin Morales
Level 1
Level 1

‎07-18-2019 05:52 AM - edited ‎02-21-2020 11:07 AM

 

Hi, I need to permit to user only create, delete or modify any access-list that begin with "TEST-". and another ACL that beging with any character the user is not allowed to modify.

 

configure terminal

ip access-list extended TEST-ACL 

 permit ip ...

 permit ip ..

 

it is possible to do it with ACS 5.8?,

Labels:
0 Helpful
2 Replies 2

balaji.bandi
Hall of Fame
Hall of Fame

‎07-18-2019 05:58 AM

I have not fully explored specifically 1 ACL, you need think and allow add specific command set for that user.

 

here is document for reference :

 

https://www.cisco.com/c/en/us/support/docs/security/secure-access-control-system/113590-acs5-tacacs-config.html

BB
*** Rate All Helpful Responses ***

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Seb Rupik
VIP Alumni
VIP Alumni

‎07-18-2019 06:02 AM

 

Hi there,

 

The command set would look like:

 

Grant Command Argument
Permit ip access-list extended TEST-

 

cheers,

Seb.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents