switch# copy running-config startup-config
switch#
Changing User Role Interface Policies
You can change a user role interface policy to limit the interfaces that the user can access. Specify a list of
interfaces that the role can access. You can specify it for as many interfaces as needed.
Procedure
PurposeCommand or Action
Enters global configuration mode.switch# configure terminal
Step 1
Specifies a user role and enters role
configuration mode.
switch(config) # role name role-name
Step 2
Enters role interface policy configuration mode.switch(config-role) # interface policy deny
Step 3
Specifies a list of interfaces that the role can
access.
switch(config-role-interface) # permit interface
interface-list
Step 4
Repeat this command for as many interfaces as
needed.
For this command, you can specify Ethernet
interfaces.
Exits role interface policy configuration mode.switch(config-role-interface) # exit
Step 5
Displays the role configuration.(Optional) switch(config-role) # show role
Step 6
Copies the running configuration to the startup
configuration.
(Optional) switch(config-role) # copy
running-config startup-config
Step 7
Example
The following example shows how to change a user role interface policy to limit the interfaces that
the user can access:
switch# configure terminal
switch(config)# role name UserB
switch(config-role)# interface policy deny
switch(config-role-interface)# permit interface ethernet 2/1
switch(config-role-interface)# permit interface fc 3/1
switch(config-role-interface)# permit interface vfc 30/1
Changing User Role VLAN Policies
You can change a user role VLAN policy to limit the VLANs that the user can access.
Cisco Nexus 3548 Switch NX-OS System Management Configuration Guide, Release 7.x
208
Configuring User Accounts and RBAC
Changing User Role Interface Policies
To Next Page
Loading...
