Task 5.3 AAA solution in solution-guide is wrong


to my mind the presented solution in the solution-guide is erronous here. The goal should be to give the NOC-user access to "clear line" and "clear counters". For me that means that those two commands should work, but not any other "clear x" command. With the given configuration every clear-command is enabled for the user NOC.

My suggestion to solve this would be
1) either configure command-aaa-authorization (so that those two commands are configured on the ACS)
2) or the cumbersome variant to set every other clear-command to a higher privilege level manually. This is a horrible task, and it creates a huge configuration.

What do you think?
Sign In or Register to comment.