Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Sh3r
Participant

Unable to run Ping command via custom RBA role R80.40

i have integrated my Checkpoint with ISE via RADIUS protocol.. i am trying to configure a Read only profile for L1 users.

i configured a read only rba role as follows:

 

Role:

ReadOnly

domain-type System

virtual-system access all

read-write-feature ext_ping

read-write-feature vsx

read-write-feature virtual-system

read-write-feature cluster_ha

read-write-feature ext_cphaprob

 

I want L1 users to check HA status and do ping checks but they are getting the following error in respective commands

>check cluster state

/bin/cphaprob_start: line 6 /etc/profie.d/vsenv.sh: Permission Denied

cluster_pro  Failed to show cluster state

 

>set virtual-system 2 

>ping 8.8.8.8

SUPSH0361 Failure setting current vrfid to 2

 

How can i resolve these ? 

Thanks

 

 

 

0 Kudos
0 Replies