RE: [nsp] tacacs and local authentication?

From: Ryan O'Connell (ryan-nsp@complicity.co.uk)
Date: Wed Apr 17 2002 - 04:36:42 EDT

Next message: Zhang, Anchi: "RE: net::telnet:: Cisco module"
Previous message: Gert Doering: "Re: net::telnet:: Cisco module"
In reply to: matthew zeier: "[nsp] tacacs and local authentication?"
Next in thread: matthew zeier: "[nsp] tacacs and local authentication?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Mail actions: [ respond to this message ] [ mail a new topic ]

On 17-Apr-2002 matthew zeier wrote:
> I need to allow a customer access to a specific router. I haven't been able
> to figure this out so hopefully someone can help.
>
> How can I setup authentication to query tacacs and local users? Or how can
> I access a specific vty which has a different authentication method?

You need two sets of commands, AAA commands to define the authentication groups
and then commands to apply that to the appropriate terminal lines. I assume you
already have TACACS working.

The first set would be something like this:

aaa new-model
aaa authentication login default line
aaa authentication login NEED-USERNAME tacacs+ local

Which would use the line password by default and tacacs+ or local username
authentication if specified.

Then, under the line concerned...

line 23
login authentication NEED-USERNAME

HTH.

-- 
Ryan O'Connell - CCIE #8147
<ryan@complicity.co.uk>
http://www.complicity.co.uk

Next message: Zhang, Anchi: "RE: net::telnet:: Cisco module"
Previous message: Gert Doering: "Re: net::telnet:: Cisco module"
In reply to: matthew zeier: "[nsp] tacacs and local authentication?"
Next in thread: matthew zeier: "[nsp] tacacs and local authentication?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Mail actions: [ respond to this message ] [ mail a new topic ]

This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:13:12 EDT