Manualshelf

System information

ManualsBrandsCisco ManualsComputer equipment857W - Integrated Services Router
11121314151617181920
ISR Overview and Providing Secure Administrative Access 95
Step 5
Add available commands to the view: The commands parser_mode
{include | include-exclusive | exclude} [all] [interface
interface_identifier | command] command, issued in view configuration
mode, allows an administrator to specify a command (or interface)
available to a particular view. Example 3-15 shows how to specify that
the copy command (followed by any keywords), the traceroute
command, and the ping command will be available to a specific view
(HELPDESK in this example).
Step 6 Verify the role-based CLI view configuration: After creating a view,
you can switch to that view with the enable view name command. After
switching to the new view, you enter a ?, for context-sensitive help, to see
what commands are available in your new view, as demonstrated in
Example 3-16.
Protecting Router Files
To protect a router’s image and configuration from an attacker’s attempt to erase those files,
the Cisco IOS Resilient Configuration feature keeps a secure copy of these files. These files
are called the bootset. Table 3-8 details the steps required to configure Cisco IOS Resilient
Configuration.
Example 3-15 Specifying Commands Available to a View
R1(config-view)# cc
cc
oo
oo
mm
mm
mm
mm
aa
aa
nn
nn
dd
dd
ss
ss
ee
ee
xx
xx
ee
ee
cc
cc
ii
ii
nn
nn
cc
cc
ll
ll
uu
uu
dd
dd
ee
ee
aa
aa
ll
ll
ll
ll
cc
cc
oo
oo
pp
pp
yy
yy
R1(config-view)# cc
cc
oo
oo
mm
mm
mm
mm
aa
aa
nn
nn
dd
dd
ss
ss
ee
ee
xx
xx
ee
ee
cc
cc
ii
ii
nn
nn
cc
cc
ll
ll
uu
uu
dd
dd
ee
ee
tt
tt
rr
rr
aa
aa
cc
cc
ee
ee
rr
rr
oo
oo
uu
uu
tt
tt
ee
ee
R1(config-view)# cc
cc
oo
oo
mm
mm
mm
mm
aa
aa
nn
nn
dd
dd
ss
ss
ee
ee
xx
xx
ee
ee
cc
cc
ii
ii
nn
nn
cc
cc
ll
ll
uu
uu
dd
dd
ee
ee
pp
pp
ii
ii
nn
nn
gg
gg
Example 3-16 Confirming Role-Based CLI Configuration
R1# ee
ee
nn
nn
aa
aa
bb
bb
ll
ll
ee
ee
vv
vv
ii
ii
ee
ee
ww
ww
HH
HH
EE
EE
LL
LL
PP
PP
DD
DD
EE
EE
SS
SS
KK
KK
Password:
R1#?
Exec commands:
<1-99> Session number to resume
copy Copy from one file to another
enable Turn on privileged commands
exit Exit from the EXEC
ping Send echo messages
show Show running system information
traceroute Trace route to destination