permit interface

To add interfaces for a user role interface policy, use the permit interface command. To remove interfaces, use the no form of this command.

permit interface interface-list

no permit interface

Syntax Description

interface-list
List of interfaces that the user role has permission to access.

Command Default

All interfaces

Command Modes

Interface policy configuration mode

Command History

Release
Modification
4.0(0)N1(1a)
This command was introduced.

Usage Guidelines

For permit interface statements to work, you need to configure a command rule to allow interface access, as shown in the following example:

switch(config-role)# rule number permit command configure terminal ; interface *

Examples

This example shows how to configure a range of interfaces for a user role interface policy:

switch(config)# role name MyRole
switch(config-role)# interface policy deny
switch(config-role-interface)# permit interface ethernet 1/2 - 8
 

This example shows how to configure a list of interfaces for a user role interface policy:

switch(config)# role name MyRole
switch(config-role)# interface policy deny
switch(config-role-interface)# permit interface ethernet 1/1, ethernet 1/3, ethernet 1/5
 

This example shows how to remove an interface from a user role interface policy:

switch(config)# role name MyRole
switch(config-role)# interface policy deny
switch(config-role-interface)# no permit interface ethernet 1/2
 

Related Commands

Command
Description
interface policy deny
Enters interface policy configuration mode for a user role.
role name
Creates or specifies a user role and enters user role configuration mode.
show role
Displays user role information.