Hi Yue, can you check the below configuration under the system login heirarchy. this should work.
class router-1 { logical-router r1; permissions all; } user router1 { uid 2002; class router-1; authentication { encrypted-password "$1$raarZX86$xI7d4XeudI5BuXwpdl2ev."; ## SECRET-DATA } } I tried connecting to the router using the FXP address and when login using the username router1 i would directly go into router1 The only caveat is that we cannot configure new interfaces under the logical-system. For that we would need to configure it through the global router. Hope this helps Thanks Vineet On Sun, Sep 6, 2009 at 1:14 AM, Yue Min<smartsui...@gmail.com> wrote: > logical router is a great feature. however, I have some questions > about how more efficiently user can access to logical router. here's > the senario: > > r1, r2 , and r3 are three logical router. I want define three classes > and users, each with full control of its logical router efficiently. > it means, when r1 user login with its user account, it should see > these things: > > 1. r1 will be able to see only "logical-routers r1" configure, and > make configure changes only to r1. > 2. when user r1 get into configure mode, it won't be warned "there's > other user in configuration mode" if other user is r2 and/or r3, not a > "global" user. > 3. r1 should be able to issue command like "ping" "show route" "show > isis database" etc. without speicifying logical router name. > > anyone has a good sample to do this? thanks. > > Min > _______________________________________________ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp > -- ---Vineet _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp