i want to make a view where its only possible to change the vlan on a given port.
i have tryed a number of possibilities and now im ready to give up .
when i make the view i have to define every gigabit or Fastethernet port, i need a command that can allow access to all gigabitethernet ports without giving them access to execute all comannds in interface config.
my view looks like this
parser view int secret 5 $1$ZPxG$PZ.izEXhrKjTYPZVhuldu1 commands interface include switchport commands configure include interface commands exec include-exclusive configure terminal commands exec include configure !
if i want to allow access to an interface port i need to add
commands configure include interface gigabitethernet1/0/1
and i rather not add all 28 ports i that manner, is there a command that fixes my problem?
Router(config-view)# commands exec include show version
Adds commands or interfaces to a view.
parser-mode--The mode in which the specified command exists.
include--Adds a command or an interface to the view and allows the same command or interface to be added to an additional view.
include-exclusive--Adds a command or an interface to the view and excludes the same command or interface from being added to all other views.
exclude--Excludes a command or an interface from the view; that is, customers cannot access a command or an interface.
all--A "wildcard" that allows every command in a specified configuration mode that begins with the same keyword or every subinterface for a specified interface to be part of the view.
interfaceinterface-name-- Interface that is added to the view.
command--Command that is added to the view.
Exits view configuration mode.
Exits global configuration mode.
enable [privilege-level] [viewview-name
Router# enable view first
Prompts the user for a password, which allows the user to access a configured CLI view, and is used to switch from one view to another view.
After the correct password is given, the user can access the view.
Router# show parser view
(Optional) Displays information about the view that the user is currently in.
all--Displays information for all views that are configured on the router.
Although this command is available for both root and lawful intercept users, the all keyword is available only to root users. However, the all keyword can be configured by a user in root view to be available for users in lawful intercept view and CLI view.
i have allso found that document but that dosent really help me in that i can see the interface command in step 5 but still dont know if there is a command like the range command that allows me to allow access to all interfaces but no run any commands when they access it.
the closest i have come is the "commands configure include all interface." but that command gives them access to all sub commands in a given interface.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :