Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1783
Views
5
Helpful
7
Replies

how can i restrict a particular interface in privilege mode, like i want to stop a user

Go to solution
Yasmeen
Level 1
Level 1

‎05-31-2018 10:54 PM - edited ‎03-05-2019 10:32 AM

how can i restrict a particular interface in privilege mode, like i want to stop a user to access interface gigabit 1/0/1 only ?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Georg Pauwen
VIP
VIP
In response to Yasmeen

‎06-05-2018 12:09 AM

Hello,

 

I think role-based CLI access is your only option. Have a look at the doc below (2.2.2.):

 

https://learningnetwork.cisco.com/docs/DOC-15878

View solution in original post

0 Helpful
7 Replies 7

Go to solution
Rick Morris
Level 6
Level 6

‎06-04-2018 09:24 AM

Not quite sure I understand what you are asking, can you share more detail?

Are you wanting to allow a user to ONLY have access to make configuration changes to a specific interface?

Or

Are you asking how to NOT allow access to a user for a specific interface?

Do you have a TACACS server?

Go to solution
Yasmeen
Level 1
Level 1
In response to Rick Morris

‎06-04-2018 10:32 PM

*Are you asking how to NOT allow access to a user for a specific interface?*

Yes, i am asking to not allow a user for specific interface

like user1 cannot access a specific interface like int gi 1/0/1

user2 int gi 1/0/2

user3 int gi1/0/3

like 24 ports in a switch

*Do you have a TACACS server?*

no we don't have TACACS Server .
0 Helpful

Go to solution
Yasmeen
Level 1
Level 1
In response to Rick Morris

‎06-04-2018 10:45 PM

Are you asking how to NOT allow access to a user for a specific interface?

yes, not allow a user to access a specific interface inside configure mode like 

user1 int gi1/0/1

user2 int gi1/0/2

user int gi1/0/3

like this wants to restrict 

 

Do you have a TACACS server ?

no we don't have TACACS server

0 Helpful

Go to solution
Georg Pauwen
VIP
VIP
In response to Yasmeen

‎06-05-2018 12:09 AM

Hello,

 

I think role-based CLI access is your only option. Have a look at the doc below (2.2.2.):

 

https://learningnetwork.cisco.com/docs/DOC-15878

0 Helpful

Go to solution
Yasmeen
Level 1
Level 1
In response to Georg Pauwen

‎06-06-2018 04:54 AM

can u list out the Root view, CLI view, Super View Commands to support cisco switch  

0 Helpful

Go to solution
Yasmeen
Level 1
Level 1
In response to Georg Pauwen

‎06-06-2018 04:56 AM

can u list out the Root view, CLI view, Super View Commands to support cisco switch  

0 Helpful

Go to solution
paul driver
VIP
VIP

‎06-05-2018 01:20 AM

Hello

When you say user, you mean this user has CLI access to the switch and you wish them not to be able to change the detail of a specific port?

Or do you mean the user plugging a device into a specific port and not allowing access?

 

The later can be done at a l2 basis with a simple mac acl, if the below isnt the solution your looking for please elaborate the question above?

mac access-list extended STAN
deny   host aaaa.aaaa.aaaa any
deny   any host aaaa.aaaa.aaaa
permit any any

int x/x
mac access-group STAN in

res

Paul

 


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card