[c-nsp] TACACS configuration problem
Lists
cisco-nsp-list at createx.de
Tue Apr 25 18:11:36 EDT 2006
Hello,
On 25.04.2006, at 13:46, Michael Robson wrote:
> I can configure the TACACS+ server on a Unix box so that I
> can restrict access to out Cisco switches and routers for
> various commands. However, once I allow access to config t,
> I cannot work out how to allow only a subset of commands
> within this context (eg. to allow configuring of the 1st
> 10 ports of a 2950G). Can anyone show me a bit a sample
> TACACS+ server config (ideally for a Unix server) that
> would allow this?
>
I dont know if you can use this to restrict someone to some
ports (never had the need), but the nearest I know is the document
titled "How to Assign Privilege Levels with TACACS+ and RADIUS".
http://www.cisco.com/warp/public/480/PRIV.html
regards, Arne
More information about the cisco-nsp
mailing list