Posted on July 2, 2019 3:24 pm
 |  Asked by Nik Sheridan
Print Friendly, PDF & Email

Hi forum! :)

Anyone using cloudvision within multiple autonomous domains? Like region A has their own stuff and region B has their own stuff? Ideally I’d like to create a separation between CVP in region A and region B by creating a cvpadmin_foo so I can administer this account without messing up cvpadmin_bar that is used in the neigbouring region. (the account CVP uses to login to devices)

Use case here is like a password change.

I cannot for the life me find in the docs where you can do this on cloudvision!

Any pointers appreciated.


Posted by Lokesh Charora
Answered on July 2, 2019 3:39 pm


Thanks for getting in touch. If I understand the requirement correctly, you want to have 2 separate CVP usernames for 2 different AS in your environment ?

How about we create 2 different username on CVP for 2 different AS which will be authenticated in their respective zones. User_A will not be able to authenticate on Zone_B devices and therefor will not be able to make any changes in zone_B.

Let me know if this helps. I would also recommend opening a TAC case by emailing so we can jump on a call/screen share and discuss options which will be suitable for you.


Posted by Tamas Plugor
Answered on July 2, 2019 3:52 pm

Hi Nik,

Do I understand correctly that you have 2 CVP instances in 2 regions? or is it just 1 CVP but managing 2 regions?
cvpadmin is a default user, you cannot modify its username, but you can add as many users as you want locally or you can integrate CVP with TACACS/RADIUS

The following sections from the config guide should be helpful:

Even if you have 1 CVP instance managing 2 regions, you can create those 2 users in GUI: cvpadmin_foo and cvpadmin_bar, and on region A devices you’d have cvpadmin_foo and on region B devices you’d have cvpadmin_bar, so when you’d log in with cvpadmin_bar you would only be able to provision region B devices.

Is this what you are looking for?


Post your Answer

You must be logged in to post an answer.