[c-nsp] assign vty port to a specific IP address
Dennis Peng
dpeng at cisco.com
Wed Feb 2 18:24:46 EST 2005
Sure. You can put any line in a rotary group and then hit that
particular line by telneting to an address on the router port 3000 +
rotary_group. So say you assign vty 4 to rotary group 99, you would
hit that vty on port 3099. You can then assign an IP alias for that
port:
ip alias 10.1.1.1 3099
line vty 4
rotary 99
Dennis
Luan Nguyen [luan.nguyen at mci.com] wrote:
> Hi all,
>
> Is there a way to assign a vty port (say vty 4) to a specific IP address?
> Like when I want to give Cisco TAC "special treatment" when they telnet/ssh
> into the box?
> I would like a config like this:
>
> aaa new-model
> aaa authentication login default group tacacs+ local-case
> aaa authentication login customer local
> aaa authorization exec default group tacacs+
> aaa authorization exec customer
> username tac privilege 5 password tac
> privilege exec level 5 show/ping/traceroute
> line vty 0 3
> login authentication default
> line vty 4
> login authentication customer
>
>
> and associate line vty 4 with a certain IP address so that session from that
> IP will always get the customer profile while the rest of the vtys would
> just authenticate using regular tacacs+ profile. I don't have control of
> the tacacs+ server to create username, privilege level...etc
>
> Thanks.
>
> luan
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list