Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
366
Views
0
Helpful
1
Replies

How do I limit a user to specific routers commands?

jkeeffe
Level 2
Level 2

‎08-26-2002 11:19 AM - edited ‎03-09-2019 12:04 AM

I have ACS/NT 2.6(4) that controls access to all my routers via TACACS+ using AAA commands in the routers. I want to set up a user that can ONLY 'reload' a router, (we have a need to reload a certain router once a week). I've gone into the USER config area of the ACS and it seems I need to give level-15 access for the user to get into enable mode, but then they have the ability to do anything they want.

Can I limit a user , once he is in enable mode, to just be able to execute the reload command?

Labels:
0 Helpful
1 Reply 1

yusuff
Cisco Employee
Cisco Employee

‎08-31-2002 10:00 PM

Yes, you can limit a user to use reload command only. You need to configure command authorization on the router and configure ACS to permit only 'reload' command and deny all others.

Following URL will help;

http://www.cisco.com/univercd/cc/td/doc/cisintwk/intsolns/secsols/aaasols/c262c4.htm#xtocid178536

http://www.cisco.com/warp/public/480/8.shtml

http://www.cisco.com/univercd/cc/td/doc/cisintwk/intsolns/secsols/aaasols/c262c6.htm

HTH

R/Yusuf

0 Helpful
Customers Also Viewed These Support Documents