I need help on the Authorization Set. I have the following currently configured.
clear permit port-security dynamic
permit port-security all
permit port-security sticky
permit mac-address-table dynamic
Configure permit terminal
show permit port-security
permit interfaces status
permit interfaces stats
permit running-config interface FastEthernet
switchport permit port-security
write permit memory
copy running-config startup-config
everything seems to work fine. For example you can not do a show running config.
my problem is the conf t. Once you in you can do any commands you want ie. "int fax/x/x" "switchport access vlan XX"
I tried different interface permit commands and still can not restrict commands.
None of the permit unmatched commands are checked.
What I would like is to permit interaface commands for port security commands, but not allow shut or no shut. etc.