How to Configure Role-Based Access Control (RBAC)
How to limit access to the Cisco command line for a group of users using enable .
This demo grants limited access to a Cisco router for troubleshooting only. The user will be unable to view the current running config. Only troubleshooting commands will be available.
macedonia_rt1#configure terminal
macedonia_rt1(config)#enable secret cisco
macedonia_rt1(config)#aaa new-model
macedonia_rt1(config)#exit
macedonia_rt1#
! Enter the root view
macedonia_rt1#enable view
Password:cisco
! Create a new view (parser view is a global configuration command)
macedonia_rt1#configure terminal
macedonia_rt1(config)#parser view Troubleshooting
macedonia_rt1(config-view)#secret TroubleshootingSecret
macedonia_rt1(config-view)#command exec include all show ip
macedonia_rt1(config-view)#command exec include show version
macedonia_rt1(config-view)#command exec include show
macedonia_rt1(config-view)#command exec include logout
macedonia_rt1(config-view)#end
macedonia_rt1#disable
! enter Troubleshooting view
macedonia_rt1>enable view Troubleshooting
Password:[TroubleshootingSecret]
! Available commands
show ip interface brief
show version
logout
! Unavailable commands
sh run
macedonia_rt1#
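A way to check a saved configuration for views that expose more than intended, added here as an example and not part of the original post. The sample configuration is constructed from the view above, the function names are hypothetical, and the matching is a simplified model (an assumption): `all` acts as a keyword-prefix wildcard, `exclude` wins, and commands are given unabbreviated.

```python
import re

# Constructed sample: the view from this page as it might appear in a saved
# configuration (secret line omitted).
SAMPLE_CONFIG = """\
parser view Troubleshooting
 commands exec include all show ip
 commands exec include show version
 commands exec include show
 commands exec include logout
!
"""

RULE = re.compile(
    r"^\s+commands?\s+(\S+)\s+(include|include-exclusive|exclude)\s+(all\s+)?(.+?)\s*$")

def parse_views(config):
    """Return {view_name: [(mode, action, is_all, keywords), ...]}."""
    views, current = {}, None
    for line in config.splitlines():
        if line.startswith("parser view "):
            current = line.split()[2]
            views[current] = []
        elif current and (m := RULE.match(line)):
            mode, action, is_all, cmd = m.groups()
            views[current].append((mode, action, bool(is_all), tuple(cmd.split())))
        elif not line.startswith(" "):
            current = None  # left the parser view block
    return views

def permits(rules, command, mode="exec"):
    """Simplified model (assumption): exclude wins, 'all' is a prefix wildcard."""
    words = tuple(command.split())
    allowed = False
    for r_mode, action, is_all, kw in rules:
        if r_mode != mode:
            continue
        hit = words[:len(kw)] == kw if is_all else words == kw
        if hit and action == "exclude":
            return False
        allowed = allowed or hit
    return allowed

def audit(config, must_deny):
    """List (view, command) pairs where a view permits a command it should not."""
    return [(view, cmd) for view, rules in parse_views(config).items()
            for cmd in must_deny if permits(rules, cmd)]
```

Calling `audit(SAMPLE_CONFIG, ["show running-config"])` returns an empty list for the view as configured; changing `include show` to `include all show` makes the same call report the view.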