Send documentation comments to mdsfeedback-doc@cisco.com
25-12
Cisco MDS 9000 Family Command Reference
OL-8413-07, Cisco MDS SAN-OS Release 3.x
Chapter 25 V Commands
vsan policy deny
vsan policy deny
To configure a vsan-based role, use the vsan policy deny command in configuration mode. Use the no
form of this command to delete a configured role.
vsan policy deny
permit vsan vsan-id
vsan policy deny
no permit vsan vsan-id
no vsan policy deny
Syntax Description
Defaults Permit.
Command Modes Configuration mode—role name submode.
Command History
Usage Guidelines You can configure a role so that it only allows commands to be performed for a selected set of VSANs.
By default, the VSAN policy of a role is permit. In other words, the role can perform commands
configured by the rule command in all VSANs. In order to selectively allow VSANs for a role, the
VSAN policy needs to be set to deny and then the appropriate VSANs need to be permitted.
Examples The following example places you in sangroup role submode.
switch# config t
switch(config)# role name sangroup
switch(config-role)#
The following example changes the VSAN policy of this role to deny and places you in a submode where
VSANs can be selectively permitted.
switch(config)# vsan policy deny
switch(config-role-vsan)
The following example deletes the configured VSAN role policy and reverts to the factory default
(permit).
switch(config-role)# no vsan policy deny
The following example permits this role to perform the allowed commands for VSANs 10 through 30.
permit Remove commands from the role.
vsan vsan-id Specifies the VSAN ID. The range is 1 to 4093.
Release Modification
1.2(1) This command was introduced.
To Next Page
Loading...
Need help?
General
