Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Allow some commands and restrict other commands for the User

Hi to all,

I dont have ACS and any firewalls.Anywhere from the intranet can access all the commands in the router.I Configured the AAA using local database and created only 2 usernames.I want the other user shoult use only few commands in the user & privilaged levels.I can't use the privilage level for a user.How can i authorize the user to use the perticular 3 commands.

Also i want to configure the accounting in which i need to track the commands used by the user.Any one suggest me how to do it in a normal IOS12.2 version.

Thanks

Raj

1 REPLY
New Member

Re: Allow some commands and restrict other commands for the User

In order to have an efficient and scalable authorization and accounting, get TACACS+ (it is free and available on the net) and install it in any Unix platform (can be a PC running linux). If you cannot do this, you will then have to do it the nasty way, which is use local AAA, but this solution will be real ugly.. take a look at the following link for more information,

http://www.cisco.com/univercd/cc/td/doc/cisintwk/intsolns/secsols/aaasols/c262c2.htm

84
Views
0
Helpful
1
Replies