Open In App
Related Articles

Parser View (Role based CLI access)

Improve Article
Save Article
Like Article

Prerequisite – Role-based Access Control

Parser view is used to create or modify a role based CLI access view and enter view configuration mode and provide security to access network resources.

Commands to modify a parser view :

  1. include : to add any command in the view
  2. exclude : to remove any command
  3. include-exclusive : include command exclusively to the parser view excluding from other views if any.

Parser view can be implemented by using the local database (running configuration of the device). Here, we will talk about the parser view configuration on the device locally only and telnet the same through another router and accessing its CLI with different views :

Configuration : 

  • Enabling AAA on the router (R2) :
R2(config)#aaa new-model
R2(config)#enable secret cisco123
R2(config)#aaa authentication login default local
R2(config)#aaa authorization exec default local
  • Entering root view to create custom views :
R2#enable view
  • Creating custom parser views – abc & xyz :
R2(config)#parser view abc 
R2(config-view)#secret 123
R2(config-view)#commands exec include ping 
R2(config-view)#commands exec include all show
R2(config-view)#commands exec include telnet
R2(config)#parser view xyz
R2(config-view)#secret 234
R2(config-view)#commands exec enclude ping
R2(config-view)#commands exec enclude telnet
R2(config-view)#commands exec enclude all show
R2(config-view)#commands exec enclude configure terminal
R2(config-view)#commands configure include all interfaces
R2(config-view)#commands configure include all router
R2(config-view)#commands interface include shutdown 
R2(config-view)#commands interface include no shutdown 
  • Binding parser view with local database and writing all configurations :
R2(config)#username sam view abc password 123
R2(config)#username ram view xyz password 234
R2(config)#do write
  • To see parser views and the commands associated with them :
R2#show running-config | sec parser

Parser view configuration in running-config (local database)

  • Telnet the R2 router through R1 router :

(Enter the username and password associated with it and telnet will be successful)

  • You can enable view using the below command :
R2#enable view abc
(enter the password for view abc)
  • To check how many commands the current view has type “?”:
(list of commands in the current view as shown in the image below)

Last Updated : 18 Oct, 2021
Like Article
Save Article
Similar Reads