[c-nsp] question on terminal access security

Benjie Ko gerwalk1 at yahoo.com
Thu Apr 21 00:09:27 EDT 2005


Hello List,

I have a few questions on how to do per-user AAA on
remote router management.  I would like to know if I
can use radius to do command authorization and
accounting on remote CLI logins on cisco or is this
exclusive to tacacs?
We've been using radius for quite a time now for our
dialin clients and  would just like to use that if
possible for router management.
If radius cannot do that, anyone has done using both
radius and tacacs on the same router? Radius for PPP
users, tacacs+ for router management?
Except for the ACS, are the freeware tacacs+ servers
capable of doing command authorization  and
accounting?  With command authorization, can I easily
change available commands for a particular user?
Appreciate your feedback. Thanks.


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 


More information about the cisco-nsp mailing list