From: Yurchenko, Michael (michael.yurchenko@xxxxxxxxxxx)
Date: Tue Dec 05 2000 - 15:17:38 GMT-3
I could see that part happening, but how to tie it up w/an access list on
the vty to deny access to particular host from whom several attempts has
been failed?
-----Original Message-----
From: Bill Dellamar [mailto:wdellamar@yahoo.com]
Sent: Tuesday, December 05, 2000 12:19 PM
To: Yurchenko, Michael; CCIE Group Study (E-mail)
Subject: Re: Cutting off ip address...
I believe that this might be duplicated using tacacs.
If it's setup to authenicate via an NT external
database.
Click to configure a particular external database type
for users to authenticate against. CiscoSecure ACS can
authenticate against the Windows NT User Database
I think,
Bill
--- "Yurchenko, Michael"
<michael.yurchenko@verizon.com> wrote:
> Hello,
>
> Some time ago, I was trying to get in a router of
> the company I was working
> for, and I noticed an interesting feature. If
> someone did not enter the vty
> password successfully upon 3 telnet attempts (of 3
> password entries each),
> the ip address of the client attempting to connect
> would no longer be able
> to telnet to this device (i believe for 24 hours).
> Does anyone know how
> something like that could be duplicated?
>
> Sincerely,
> mike.
>
>
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 08:25:59 GMT-3