How to hide the some of the lines in router or switch

chaitu_kranthi · ‎06-26-2008

Hi,

We are working for a large organization where we have 4500 to 5000 network devices.and we have to provide the read only access to client.now problem for me is when they type the "sh run" configuration they are able to view my SNMP. Can some one please help us that how to hide the some of the lines in router or switch i.e our main intention is we want to hide our SNMP String.

stephen.stack · ‎06-27-2008

Hi,

I'm pretty sure you cannot directly hide or permit the viewing of specific commands in a show run. But there is an excellent solution form Cisco to overcome the problem of not allowing people to view complete configs on a router or switch. This is called role-based CLI.

Check it out here.

http://cisco.com/en/US/docs/ios/12_3t/12_3t7/feature/guide/gtclivws.html#wp1058080

There is a lot here to cover, but i'm sure given the size of your network, it may be worth your while.

HTH - Please rate if it does.

Regards

Stephen

========================== http://www.rconfig.com A free, open source network device configuration management tool, customizable to your needs! - Always vote on an answer if you found it helpful

Pravin Phadte · ‎06-30-2008

Hi,

I would like to know few thinks before i can suggest anything on this.

The clients are porvided with access to this devices in what manner ?

Means do the console to the switch or have dail in or VTY access ?

Are there any privilege set for these switches for useres to log in ?

Is there any tacacs or radius server ?

Please do let us know so we can suggest better

Also if possible paste the configs of any switch.

Regrads,

pravin.