RE: [nsp] tacacs and local authentication?

From: Ryan O'Connell (ryan-nsp@complicity.co.uk)
Date: Wed Apr 17 2002 - 04:36:42 EDT


On 17-Apr-2002 matthew zeier wrote:
> I need to allow a customer access to a specific router. I haven't been able
> to figure this out so hopefully someone can help.
>
> How can I setup authentication to query tacacs and local users? Or how can
> I access a specific vty which has a different authentication method?

You need two sets of commands, AAA commands to define the authentication groups
and then commands to apply that to the appropriate terminal lines. I assume you
already have TACACS working.

The first set would be something like this:

aaa new-model
aaa authentication login default line
aaa authentication login NEED-USERNAME tacacs+ local

Which would use the line password by default and tacacs+ or local username
authentication if specified.

Then, under the line concerned...

line 23
    login authentication NEED-USERNAME

HTH.

-- 
Ryan O'Connell - CCIE #8147
<ryan@complicity.co.uk>
http://www.complicity.co.uk



This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:13:12 EDT