View and username

Unanswered Question
Aug 14th, 2007
User Badges:

Hello,


I want to assign a view to an user on my router.

First, I want to use the local database of the router.

After, I'll use a TACACS server for this.

But, I can't do the first part.


I define a view "test" in the view root.

After, I create an user "test" associated to the view "test". But when I prompt, I'm not in this view.


I have this in my configuration:

username test view test password 0 test

...

parser view test

secret 5 XXXXXXXXXXX

commands sg-radius include server-private

commands exec include all show dot11

...



I'm using IOS 12.4(6)T5 in version Advanced IP Services.


Thanks for you help

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
irisrios Mon, 08/20/2007 - 10:55
User Badges:
  • Silver, 250 points or more

I think you can restrict a user, so that he can access only one AAA client i.e. the router which you want and for that you need to implement IP based NAR (Network Access Restriction). I am forwarding you the following link for your reference which you can use to configure IP based NAR:


http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/acs

33/user/u.htm#wp272851

chris_distef Mon, 08/20/2007 - 23:45
User Badges:

Hello,


Thinks for your answer Irisrios but it's not what I want (I'm very difficult :) ).


In fact, I try to define a cli view to an user.

In first time, localy on the router and after with a TACACS server.

This is the doc I found:

http://cisco.com/en/US/products/ps6350/products_configuration_guide_chapter09186a0080455b96.html


I create an user "test" associated to the view "test". But when I prompt, I'm not in this view.


I have this in my configuration:

username test view test password 0 test

...

parser view test

secret 5 XXXXXXXXXXX

commands sg-radius include server-private

commands exec include all show dot11

...


The view is working fine when I do "enable view test".


Somebody can help me ?

Thanks


chris_distef Mon, 08/20/2007 - 23:58
User Badges:

Hello,


Thinks for your answer Irisrios but it's not what I want (I'm very difficult :) ).


In fact, I try to define a cli view to an user.

In first time, localy on the router and after with a TACACS server.

This is the doc I found:

http://cisco.com/en/US/products/ps6350/products_configuration_guide_chapter09186a0080455b96.html


I create an user "test" associated to the view "test". But when I prompt, I'm not in this view.


I have this in my configuration:

username test view test password 0 test

...

parser view test

secret 5 XXXXXXXXXXX

commands sg-radius include server-private

commands exec include all show dot11

...


The view is working fine when I do "enable view test".


Somebody can help me ?

Thanks


Actions

This Discussion