[tac_plus] Certain Permissions on some IP's and wide open Permissions on other IP's for same user-group-acl

dwnek at dollartree.com dwnek at dollartree.com
Mon Dec 1 19:42:13 UTC 2014


I would like to have two separate ACL's for one group. One ACL will allow a
network security group to run any command they want on switches they are
responsible for managing and the other ACL will only allow them to run some
show commands on any other network switch.  Is this possible?  Can I
configure one group in the tac_plus.cfg with two nested ACL's?  Please
provide a short config example.


Thank You, Derek



More information about the tac_plus mailing list