[cisco-nas] concurrent support for dial-up scripts and CHAP?
Aaron Leonard
Aaron at cisco.com
Thu Jun 22 11:21:01 EDT 2006
Jamie,
Yes you can support users dialing in and authenticating either in
character mode (dialup script) or via PPP (CHAP or PAP). Here's the
idea ...
aaa authentication login default group tacacs ! for character mode logins
aaa authentication ppp default group tacacs if-needed ! [1]
int group-async1
encapsulation ppp
async mode interactive
line 1/0 1/59
autoselect ppp
autoselect during-login
[1] if-needed means that authentication in PPP is skipped if the call
has already done character mode authentication
Aaron
---
>
> Hi,
> In light of the current problem with the latest Microsoft updates
> breaking dial-up scripts, we're looking into moving to CHAP for TACACS
> authentication. I'm trying to see if we can support both methods but
> I've not had much luck thus far. Is it possible to config my 5350 to
> allow users to connect and authenticate using a script or CHAP? If
> so, is there more to config'ing the 5350 than adding 'ppp
> authentication chap' to my Group-async0 interface and 'autoselect ppp
> and 'autoselect during-login' on my lines?
>
> .............thanks in advance.........Jamie
>
>
> James Savage York University
> Senior Communications Tech. 108 Steacie Building
> jsavage at yorku.ca 4700 Keele Street
> ph: 416-736-2100 ext. 22605 Toronto, Ontario
> fax: 416-736-5701 M3J 1P3, CANADA
> ------------------------------------------------------------------------
>
> _______________________________________________
> cisco-nas mailing list
> cisco-nas at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nas
>
More information about the cisco-nas
mailing list