From: Thierry MARTIN (tmartin@xxxxxxx)
Date: Mon Jan 15 2001 - 13:09:51 GMT-3
Hi Jason,
define a profile in for AAA with authentication local
apply this in line vty
exemple :
!
hostname R1
!
aaa new-model
aaa authentication login default tacacs+ enable
aaa authentication login con-auth tacacs+ local
aaa authentication login vty-auth tacacs+ enable
aaa authentication login vty-auth2 local
enable secret cisco
enable password cisco1
!
username root password 0 mypass
!
interface Ethernet0
ip address 1.1.1.1 255.255.255.0
!
tacacs-server host 1.1.1.2
tacacs-server key mykey
!
line con 0
exec-timeout 30 0
login authentication con-auth
line aux 0
line vty 0 4
exec-timeout 30 0
login authentication vty-auth
line vty 5
exec-timeout 30 0
rotary 2
login authentication vty-auth2
!
end
Use telnet @IP 2002 for authentication local.
-------------------------------------------------------------------------------
------------------------------------
For keep AAA anfd have no authentication , use NONE for profile in vty.
aaa authentication login vty-auth none
-------------------------------------------------------------------------------
------------------------------------
Best Regard
Thierry
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
>>> "Jason T. Rohm" <jtrohm@athenet.net> 15/01/01 16h31 >>>
I am having problems with my AAA on my terminal server.
I want to keep AAA (username + password) authentication on my terminal
server, but would like to disable the authentication when I reverse telnet
to my routers.
Does anyone know how to accomplish this?
Thank you,
Jason T. Rohm
Sr. Network Engineer
Wire Technologies, Inc
jtrohm@wiretech-inc.com
(920) 766-5172
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:27:30 GMT-3