Re: 2 Questions : Dynamic ACL / Term Server on Ethernet

From: Steven Weber (itweber@xxxxxxxxxxxxx)
Date: Tue Aug 07 2001 - 15:37:59 GMT-3

• Next message: RANGE, TIM (SBCSI): "RE: 2 Questions : Dynamic ACL / Term Server on Ethernet"
• Previous message: Monty.Majszak@xxxxxxxxxx: "RE: Routing"
• Maybe in reply to: Padhu (LFG): "2 Questions : Dynamic ACL / Term Server on Ethernet"
• Next in thread: RANGE, TIM (SBCSI): "RE: 2 Questions : Dynamic ACL / Term Server on Ethernet"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
1. try login local under vty 0 only this will let you use regular telnet to
the other vty line,
or
in the lab they will tell you what password to use, so once the proctor gets
there they will know the password, assuming you configured it correctly

2. if you telnet to the commserver then you must change the line speed under
the async line for each connection, not in the terminal emulator.

HTH
Steve
----- Original Message -----
From: Padhu (LFG) <padhu@steinroe.com>
To: Ccielab (E-mail) <ccielab@groupstudy.com>
Sent: Tuesday, August 07, 2001 2:03 PM
Subject: 2 Questions : Dynamic ACL / Term Server on Ethernet

> Dynamic ACL:
>
> I have the basic lock and key setup and everything works fine.
> username padhu password cisco
> username padhu autocommand access-enable
>
> acl 100 permit telnet
> acl 100 dynamic allow padhu www blah blah
>
> line vty 0 4
> login local.
>
> This is where i am looking for better ways to do,
>
> With login local, all telnets to the router prompt for a password. Which
> means the proctor may not be able to telnet in one of my routers. Not a
good
> thing.
>
> Options:
> 1. Set rotary 1 on line vty 4 and let the proctor know for this router
> telnet would be on port 3001.
> Is this a reasonable approach ?
> 2. Use AAA authentication login default local enable to avoid login local
> under line vty 0 4. so now even though it prompts for a username when
> telnetting in you can type in any arbitrary name and then type the enable
> password to get in. But dynamic ACL is broken.
>
> Option 2 is something i was messing with ...So wouldn't blame if its not
> working.
>
> what is the best way to go about this ?
>
> Terminal server:
> CCIE Power Session says that there are 2 versions of term server possible.
> 1. Com port from PC. With this i can set line speed to 1200 and hit space
> bar for 30 secs and enter into rom mode even if i don't know the break key
> for the term emulator software.
> 2. Ethernet from pc to term server's ethernet.
> with option 2 if i reverse telnet to a host and wanted to break in, it
> doesn't work.I am looking at docs and archives. Any ideas ?
>
> Cheers,Padhu
> **Please read:http://www.groupstudy.com/list/posting.html
**Please read:http://www.groupstudy.com/list/posting.html

• Next message: RANGE, TIM (SBCSI): "RE: 2 Questions : Dynamic ACL / Term Server on Ethernet"
• Previous message: Monty.Majszak@xxxxxxxxxx: "RE: Routing"
• Maybe in reply to: Padhu (LFG): "2 Questions : Dynamic ACL / Term Server on Ethernet"
• Next in thread: RANGE, TIM (SBCSI): "RE: 2 Questions : Dynamic ACL / Term Server on Ethernet"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:31:46 GMT-3