Wednesday, December 17, 2008

Parser View

I was reading this pdf called "1001 things to do with a Cisco Router" and I came across this topic. I have done it before while doing the ISCW but here it is again.

FIRST, ENABLE AAA:

R4#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R4(config)#aaa new-model

SET ENABLE PASSWORD:

R4(config)#enable secret cisco
R4(config)#^Z

SWITCH TO VIEW MODE:

R4#en view
Password:
R4#
*Mar 2 23:03:20.352: %PARSER-6-VIEW_SWITCH: successfully set to view 'root'.
R4#

NOW WE CAN CREATE THE VIEW:

R4(config)#parser view operator
R4(config-view)#?
View commands:
commands Configure commands for a view
default Set a command to its defaults
exit Exit from view configuration mode
no Negate a command or set its defaults
secret Set a secret for the current view
R4(config-view)#commands exec include ping
% Password not set for the view operator
R4(config-view)#secret operator
R4(config-view)#commands exec include ping
R4(config-view)#commands exec include show hardware
R4(config-view)#commands exec include show interface
R4(config-view)#commands exec include show ver
R4(config-view)#exit

LOG IN TO THE VIEW:

R4#en view operator
Password:

*Mar 2 23:05:41.212: %PARSER-6-VIEW_SWITCH: successfully set to view 'operator'.

R4#show ?
flash: display information about flash: file system
hardware Hardware specific information
interfaces Interface status and configuration
parser Display parser information
slot0: display information about slot0: file system
slot1: display information about slot1: file system
version System hardware and software status

ALSO, YOU CAN ADD THE VIEW TO THE USER:

R4(config)#username operator view operator password operator
posted by deadhead blues at 10:23 AM
Labels:

5 comments:

  1. schweeiltzDecember 17, 2008 at 8:54 PM

    Good Post. I always thought this was an interesting way to do it.

    ReplyDelete
  2. leemaynardJune 18, 2010 at 3:54 AM

    How do you change the views again I get this..

    bizarre...

    Rack1R5#enable view
    Rack1R5#
    *Mar 8 00:28:55.854: %AAA-6-USER_BLOCKED: Enable view requires to be authenticated by non-none methods,Please use the appropriate method with the login authentication
    Rack1R5#

    http://ieoc.com/forums/t/10262.aspx

    ReplyDelete
  3. AnonymousJuly 11, 2011 at 9:00 AM

    how to adjust "No view Active! Switch to View Context"? thanks

    ReplyDelete
  4. AnonymousJuly 14, 2011 at 5:26 AM

    I tried to configure parser views in conjunction with RADIUS authentication, but I didn't get this working. I even noticed that I wasn't able to change parser view configuration settings, when I logged in with RADIUS credential.

    I had to change the aaa authentication login and aaa authorization exec settings to local, before being able to change parser view settings.

    ReplyDelete
  5. EruditeJuly 5, 2012 at 11:36 AM

    1. Hi, how i can put user in specific view after login
    2. i want user run only show int f0/0, but it is showing all show int commands.

    ReplyDelete

Note: Only a member of this blog may post a comment.

Subscribe to: Post Comments (Atom)