Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1391
Views
0
Helpful
7
Replies

role-based view commands missing from config

dacaprice
Level 1
Level 1

‎11-23-2010 10:52 AM

Hi All,

I set up a 2960G with IOS 12.2(44)SE6 and created a role-based view to be used by our helpdesk.  One of the things they need to do is add rules to a MAC ACL on the switch.  I've successfully created a view for them and can include and exclude most commands, however, when I try to include the "commands mac-enacle include all permit" command, I get no syntax error, and there is no line in my configuration reflecting the change. As it stands, from the helpdesk view (named smco) I can get into mac acl configuration mode, but I can't issue any of the sub commands.

Any advice would be greatly appreciated.  I tried upgraded to 12.2(55)SE and had the same result.

The current configuration for the parser view is as follows:

parser view smco
secret 5 hashed_pw
commands configure include mac access-list extended
commands configure include all mac access-list
commands configure include mac
commands exec include configure terminal
commands exec include configure

Labels:
0 Helpful
7 Replies 7

yjdabear
VIP Alumni
VIP Alumni

‎11-23-2010 11:45 AM

Do you see the "mac-enable" keyword after "commands ?"

0 Helpful

dacaprice
Level 1
Level 1
In response to yjdabear

‎11-23-2010 11:49 AM

yjdabear,


No. I only see "mac-enacl" after commands.

0 Helpful

yjdabear
VIP Alumni
VIP Alumni
In response to dacaprice

‎11-23-2010 11:52 AM

My bad. I read "mac-enacle" as "mac-enable". Would the extra "e" at the end be the issue then?

0 Helpful

dacaprice
Level 1
Level 1
In response to yjdabear

‎11-23-2010 12:02 PM

Unfortunately, no.  I "mac-enacl" is my only option begining with "mac" and I am able to enter the command without any errors, the line just does not show up in my config.

0 Helpful

yjdabear
VIP Alumni
VIP Alumni
In response to dacaprice

‎11-23-2010 12:20 PM

When you say "there is no line in my configuration", are you referring to the running- or startup-config?

As far as the inability to run the mac acl subcommands as "smco", is there something along the lines of?

username smco privilege [privilege-level] view smco

0 Helpful

dacaprice
Level 1
Level 1
In response to yjdabear

‎11-23-2010 12:36 PM

After I issue the command "commands mac-enacl include all permit" there is no line in my startup or running configuration that says: "commands mac-enacl include all permit" or anything that closely resembles that.

I've tested with multiple local accounts.  After authenticating, I issue the "enable view smco".

0 Helpful

dacaprice
Level 1
Level 1
In response to dacaprice

‎11-30-2010 07:36 AM

Hi all,

I was wondering if there was anyone else who could offer some insight into this problem or atleast duplicate it.

thanks in advance!

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents