System information
94 Chapter 3: Defending the Perimeter
exactly what commands an administrator has access to. Following are the steps required to
configure these views:
Step 1 Enable AAA: Authentication, authorization, and accounting (AAA) is discussed
in detail in Chapter 4, “Configuring AAA.” For now, just realize that AAA must
be enabled to support views. Example 3-11 shows how to enable AAA on an IOS
router.
Step 2 Enable the root view: The root view is represented by the set of commands
available to an administrator logged in with a pri’vilege level of 15. You might be
required to provide the enable secret password to enable the root view, as shown
in Example 3-12.
Step 3 Create a view: Use the parser view name command to create a new
view, as shown in Example 3-13.
Step 4 Set a password for the view: Use the secret 0 password command to set the
password required to invoke the view. The 0 in the command indicates that the
password provided is in plain text, as opposed to an MD5 hash value. Example
3-14 shows how to configure a view’s password.
Example 3-11 Enabling AAA
R1# cc
cc
oo
oo
nn
nn
ff
ff
tt
tt
ee
ee
rr
rr
mm
mm
R1(config)# aa
aa
aa
aa
aa
aa
nn
nn
ee
ee
ww
ww
--
--
mm
mm
oo
oo
dd
dd
ee
ee
ll
ll
R1(config)# ee
ee
nn
nn
dd
dd
Example 3-12 Enabling the Root View
R1# ee
ee
nn
nn
aa
aa
bb
bb
ll
ll
ee
ee
vv
vv
ii
ii
ee
ee
ww
ww
Password:
R1#
Example 3-13 Creating a View
R1# cc
cc
oo
oo
nn
nn
ff
ff
ii
ii
gg
gg
tt
tt
ee
ee
rr
rr
mm
mm
R1(config)# pp
pp
aa
aa
rr
rr
ss
ss
ee
ee
rr
rr
vv
vv
ii
ii
ee
ee
ww
ww
HH
HH
EE
EE
LL
LL
PP
PP
DD
DD
EE
EE
SS
SS
KK
KK
R1(config-view)#
Example 3-14 Setting a Password for a View
R1(config-view)# ss
ss
ee
ee
cc
cc
rr
rr
ee
ee
tt
tt
00
00
HH
HH
33
33
ll
ll
pp
pp
DD
DD
33
33
ss
ss
kk
kk
PP
PP
@@
@@
55
55
55
55
R1(config-view)#