[c-nsp] limit what customer see via tacacs+
Luan Nguyen
luan.nguyen at mci.com
Thu Dec 8 17:27:39 EST 2005
Hello,
Anyone know of a way of limiting what a customer can see once they log on to
your router?
say...can I create an account on the tacacs+ server for a customer, and when
they issue a show run
they won't be able to see the passwords, crypto key...etc?
can the tacacs+ smart enough when it sees show run, it will do show run |
exclude crypto isakmp key * | exclude snmp-server community *...etc?
maybe create a lias exec and let tacacs+ only limit customer to that alias?
how can you create alias that replace the show run with show run | ect? so
that you don't have to tell them to do show_run instead of show run.
TIA
-luan
More information about the cisco-nsp
mailing list