[tac_plus] Restricting Cisco 'interface' command
dterry at dollartree.com
dterry at dollartree.com
Tue Oct 20 14:35:11 UTC 2009
Hello,
I am trying to restrict the usage of the 'interface' command within
Cisco gear. I would like the users to have access to issue "interface Gi.*"
or "interface Fa.*". I do not want them to have the ability to issue
"interface Te.*". The configuration that I have in place now for this is:
cmd = interface {
permit ".*Gi.*"
permit ".*Fa.*"
deny .*
}
Should this work? If not, where's my error?
************************************
Darren Terry
Security Analyst
Dollar Tree, Inc.
Desk: 757.321.5538
************************************
More information about the tac_plus
mailing list