[c-nsp] assign vty port to a specific IP address
Luan Nguyen
luan.nguyen at mci.com
Wed Feb 2 15:29:12 EST 2005
Hi all,
Is there a way to assign a vty port (say vty 4) to a specific IP address?
Like when I want to give Cisco TAC "special treatment" when they telnet/ssh
into the box?
I would like a config like this:
aaa new-model
aaa authentication login default group tacacs+ local-case
aaa authentication login customer local
aaa authorization exec default group tacacs+
aaa authorization exec customer
username tac privilege 5 password tac
privilege exec level 5 show/ping/traceroute
line vty 0 3
login authentication default
line vty 4
login authentication customer
and associate line vty 4 with a certain IP address so that session from that
IP will always get the customer profile while the rest of the vtys would
just authenticate using regular tacacs+ profile. I don't have control of
the tacacs+ server to create username, privilege level...etc
Thanks.
luan
More information about the cisco-nsp
mailing list