Open In App

Parser View (Role based CLI access)

Last Updated : 18 Oct, 2021
Improve
Improve
Like Article
Like
Save
Share
Report

Prerequisite – Role-based Access Control

Parser view is used to create or modify a role based CLI access view and enter view configuration mode and provide security to access network resources.

Commands to modify a parser view :

  1. include : to add any command in the view
  2. exclude : to remove any command
  3. include-exclusive : include command exclusively to the parser view excluding from other views if any.

Parser view can be implemented by using the local database (running configuration of the device). Here, we will talk about the parser view configuration on the device locally only and telnet the same through another router and accessing its CLI with different views :

Configuration : 

  • Enabling AAA on the router (R2) :
R2(config)#aaa new-model
R2(config)#enable secret cisco123
R2(config)#aaa authentication login default local
R2(config)#aaa authorization exec default local
R2(config)#exit
  • Entering root view to create custom views :
R2#enable view
  • Creating custom parser views – abc & xyz :
R2(config)#parser view abc 
R2(config-view)#secret 123
R2(config-view)#commands exec include ping 
R2(config-view)#commands exec include all show
R2(config-view)#commands exec include telnet
R2(config)#parser view xyz
R2(config-view)#secret 234
R2(config-view)#commands exec enclude ping
R2(config-view)#commands exec enclude telnet
R2(config-view)#commands exec enclude all show
R2(config-view)#commands exec enclude configure terminal
R2(config-view)#commands configure include all interfaces
R2(config-view)#commands configure include all router
R2(config-view)#commands interface include shutdown 
R2(config-view)#commands interface include no shutdown
  • Binding parser view with local database and writing all configurations :
R2(config)#username sam view abc password 123
R2(config)#username ram view xyz password 234
R2(config)#do write
  • To see parser views and the commands associated with them :
R2#show running-config | sec parser

Parser view configuration in running-config (local database)

  • Telnet the R2 router through R1 router :
R1#telnet 10.1.1.2

(Enter the username and password associated with it and telnet will be successful)

  • You can enable view using the below command :
R2#enable view abc
(enter the password for view abc)
  • To check how many commands the current view has type “?”:
R2#?
(list of commands in the current view as shown in the image below)


Like Article
Suggest improvement
Previous
Overview of Personal Area Network (PAN)
Next
How to Transfer Files using SFTP?
Share your thoughts in the comments

Similar Reads

Role-based Access Control
Time based Access-List
Context Based Access Control (CBAC)
Which Command is Used to View the IP Address and Default Gateway of a Computer?
Role of Computers in Crime
Role of Middleware in Distributed System
Role of Subnet Mask
Controlled Access Protocols in Computer Network
Access and Trunk Ports
Multiple Access Protocols in Computer Network
author
jt9999709701
Article Tags :
We use cookies to ensure you have the best browsing experience on our website. By using our site, you acknowledge that you have read and understood our Cookie Policy & Privacy Policy
Lightbox