Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
645
Views
0
Helpful
1
Replies

VRF Remote Management Access

PvCr
Level 1
Level 1

‎04-14-2020 06:04 PM - edited ‎04-14-2020 06:04 PM

Hi everybody,

Does anyone know if it's possible to create VRFs (one per customer) and get access (SSH, TELNET) to the specific VRF assigned to the particular customer??? Like assign for each customer a particular virtual router without getting access to the entire global config or other VRFs??

For example:

Customer A has his own ssh/telnet access to the VRF A (get admin access to configure routes, interfaces, etc)

Customer B has his own VRF B and so on...

I want to partition my entire router to many VRF but each customer has his own admin and management access to the portion assign to it...

Labels:
0 Helpful
1 Reply 1

Francesco Molino
VIP Alumni
VIP Alumni

‎04-14-2020 09:18 PM

Hi

Are you using ios or ios-xr?
I believe it's ios otherwise you would have specified it.

You can create role based cli acccess by creating views and push these views to users depending on which vrf they're assigned to. Or you can create profiles on your tacacs server (if you have any) to filter each command a user can use (1 profile per vrf that you must define once) and then apply it based on user authentication.

I don't see any other way right now but i can think about it.

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
0 Helpful
Customers Also Viewed These Support Documents