How to configure Role-Based CLI Access using Cisco IOS?
Today we will configure Role-Based CLI Access on a Cisco router. The main purpose of this configuration is to define "Views and Superviews" that provide selective or limited access to Cisco IOS commands. You can restrict users to running and displaying only the particular commands that are defined in the View for that user. This feature was first introduced in IOS version 12.3(7)T. CLI views give the network administrator detailed access control for managing network security and accountability.
Configuring a first CLI View with name Five
In global configuration mode:
To create the Views, first run the aaa new-model command in the router's global configuration mode.
Router(config)# aaa new-model
(enable user authentication)
Router# exit
Router> enable view
(enable the root view)
Router# configure terminal
(enter global configuration Mode)
Router(config)# parser view Five
(create a View with name Five)
Router(config-view)# secret champion
(assign a secret password to view)
Router(config-view)# commands exec include show running
Router(config-view)# commands exec include show ip route
(add show running and show ip route commands to this view)
Router(config-view)# exit
(exit from view mode)
Router(config)# exit
(exit from global configuration mode)
Router# exit
(exit from privileged exec mode)
Now, to verify which commands the Five view can access, run the following commands from user exec mode.
Router> enable view Five
Router# ?
Type a question mark to list the commands that are included in the Five view.
Now configuring a second CLI View with name Six
Router# configure terminal
(enter global configuration Mode)
Router(config)# parser view Six
(create a View with name Six)
Router(config-view)# secret champion1
(assign a secret password to view)
Router(config-view)# commands exec include show startup-config
Router(config-view)# commands exec include show interface brief
(add show startup-config and show interface brief commands to this view)
Router(config-view)# exit
(exit from view mode)
Router(config)# exit
(exit from global configuration mode)
Router# exit
(exit from privileged exec mode)
Now, to verify which commands the Six view can access, run the following commands from user exec mode.
Router> enable view Six
Router# ?
Type a question mark to list the commands that are included in the Six view.
Now adding both CLI Views to a Superview
You can assign one or more views to a superview; the superview then inherits all the commands that are associated with those views.
Router# configure terminal
(enter global configuration Mode)
Router(config)# parser view Seven superview
(create a superview with name Seven)
Router(config-view)# secret champion2
(assign a secret password to view)
Router(config-view)# view Five
(add view Five in superview name Seven)
Router(config-view)# view Six
(add view Six in superview name Seven)
Router(config-view)# exit
(exit from view mode)
Router(config)# exit
(exit from global configuration mode)
Router# exit
(exit from privileged exec mode)
Now, to verify which commands the Seven superview can access, run the following commands from user exec mode.
Router> enable view Seven
Router# show parser view
Use this to verify the commands that the superview inherits from both views.
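To review offline what a superview such as Seven actually grants, the following added example (not part of the original article, and not Cisco code) parses parser view stanzas from saved configuration text and resolves the commands a superview inherits from its member views. The stanza layout in SAMPLE_CONFIG is an assumed running-config style built from the commands typed above, and the names parse_views and effective_commands are hypothetical.

```python
import re

# Constructed excerpt in an assumed running-config style, mirroring the views
# configured on this page; the secret hashes are placeholders, not real values.
SAMPLE_CONFIG = """\
parser view Five
 secret 5 <hash-placeholder>
 commands exec include show running
 commands exec include show ip route
!
parser view Six
 secret 5 <hash-placeholder>
 commands exec include show startup-config
 commands exec include show interface brief
!
parser view Seven superview
 secret 5 <hash-placeholder>
 view Five
 view Six
!
"""

HEADER = re.compile(r"^parser view (\S+)( superview)?\s*$")
INCLUDE = re.compile(r"^ commands (\S+) include (.+?)\s*$")
MEMBER = re.compile(r"^ view (\S+)\s*$")

def parse_views(config):
    """Return {name: {"superview": bool, "commands": set, "members": list}}."""
    views, current = {}, None
    for line in config.splitlines():
        if m := HEADER.match(line):
            current = views.setdefault(
                m.group(1), {"superview": bool(m.group(2)), "commands": set(), "members": []})
        elif not line.startswith(" "):
            current = None  # "!" or any other top-level line ends the stanza
        elif current is not None and (m := INCLUDE.match(line)):
            current["commands"].add((m.group(1), m.group(2)))  # (parser mode, command)
        elif current is not None and (m := MEMBER.match(line)):
            current["members"].append(m.group(1))
    return views

def effective_commands(views, name):
    """Return (sorted commands, undefined member views) for a view or superview."""
    view = views[name]
    if not view["superview"]:
        return sorted(view["commands"]), []
    missing = [m for m in view["members"] if m not in views]
    inherited = set().union(*(views[m]["commands"] for m in view["members"] if m in views))
    return sorted(inherited), missing
```

Calling effective_commands(parse_views(text), "Seven") on a saved configuration returns the inherited command list together with any member views that the superview names but the configuration never defines.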