Changing User Role Interface Policies
You can change a user role interface policy to limit the interfaces that the user can access. Specify a list of
interfaces that the role can access. You can specify it for as many interfaces as needed.
Procedure
PurposeCommand or Action
Enters global configuration mode.switch# configure terminal
Step 1
Specifies a user role and enters role configuration
mode.
switch(config) # role name role-name
Step 2
Enters role interface policy configuration mode.switch(config-role) # interface policy
deny
Step 3
Specifies a list of interfaces that the role can access.switch(config-role-interface) # permit
interface interface-list
Step 4
Repeat this command for as many interfaces as
needed.
For this command, you can specify Ethernet
interfaces.
Exits role interface policy configuration mode.switch(config-role-interface) # exit
Step 5
(Optional)
Displays the role configuration.
switch(config-role) # show role
Step 6
(Optional)
Copies the running configuration to the startup
configuration.
switch(config-role) # copy
running-config startup-config
Step 7
The following example shows how to change a user role interface policy to limit the interfaces that the user
can access:
switch# configure terminal
switch(config)# role name UserB
switch(config-role)# interface policy deny
switch(config-role-interface)# permit interface ethernet 2/1
switch(config-role-interface)# permit interface fc 3/1
switch(config-role-interface)# permit interface vfc 30/1
Changing User Role VLAN Policies
You can change a user role VLAN policy to limit the VLANs that the user can access.
Cisco Nexus 3548 Switch NX-OS System Management Configuration Guide, Release 6.x
28
Configuring User Accounts and RBAC
Changing User Role Interface Policies
To Next Page
Loading...
