2 Questions : Dynamic ACL / Term Server on Ethernet

From: Padhu (LFG) (padhu@xxxxxxxxxxxx)
Date: Tue Aug 07 2001 - 15:03:28 GMT-3


   
Dynamic ACL:

I have the basic lock and key setup and everything works fine.
username padhu password cisco
username padhu autocommand access-enable

acl 100 permit telnet
acl 100 dynamic allow padhu www blah blah

line vty 0 4
login local.

This is where I am looking for a better way to do it:

With login local, all telnets to the router prompt for a password, which
means the proctor may not be able to telnet into one of my routers. Not a good
thing.

Options:
1. Set rotary 1 on line vty 4 and let the proctor know for this router
telnet would be on port 3001.
    Is this a reasonable approach?
2. Use AAA authentication login default local enable to avoid login local
under line vty 0 4. So now, even though it prompts for a username when
telnetting in, you can type in any arbitrary name and then type the enable
password to get in. But dynamic ACL is broken.

Option 2 is something I was messing with... So wouldn't blame if it's not
working.

What is the best way to go about this?

Terminal server:
CCIE Power Session says that there are 2 versions of term server possible.
1. COM port from PC. With this I can set line speed to 1200 and hit the space
bar for 30 secs and enter into ROM mode even if I don't know the break key
for the term emulator software.
2. Ethernet from PC to term server's Ethernet.
   With option 2, if I reverse telnet to a host and want to break in, it
doesn't work. I am looking at docs and archives. Any ideas?

Cheers, Padhu
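
A sketch of option 1 from the post (lock-and-key on vty 0-3, a password-only rotary line on vty 4), added here as an example and not part of the original message. The interface name, the 192.0.2.1 router address, the dynamic list name LOCKKEY, the timeouts and the bracketed passwords are constructed placeholders.

```ios
! Added example: constructed values, not taken from the original post.
username padhu password <user-password>
! "host" limits the temporary entry to the authenticating source address;
! the timeout here is an idle timeout in minutes.
username padhu autocommand access-enable host timeout 5
!
interface Serial0
 ip access-group 100 in
!
! Telnet to the router itself must be permitted so users can authenticate.
access-list 100 permit tcp any host 192.0.2.1 eq telnet
! Rotary group 1 listens on TCP 3001 (3000 + group number).
access-list 100 permit tcp any host 192.0.2.1 eq 3001
! Template for the temporary entries created by access-enable;
! the timeout here is an absolute lifetime in minutes.
access-list 100 dynamic LOCKKEY timeout 30 permit tcp any any eq www
!
! vty 0-3: local username login. When padhu authenticates, the autocommand
! opens the dynamic entry and the telnet session is closed.
line vty 0 3
 login local
!
! vty 4: line password only, no username prompt, reachable on port 3001.
line vty 4
 login
 password <line-password>
 rotary 1
```

Without the `host` keyword on `access-enable`, the dynamic entry is created exactly as the template is written, which here would open www for any source rather than only the authenticated one.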