RE: ACS and Terminal Server

From: Chris (chris@supertechnetworks.com)
Date: Thu Sep 08 2005 - 23:15:10 GMT-3

• Next message: Adam S. Roth: "Name the socket used for BGP?"
• Previous message: Godswill Oletu: "Re: Clarification of respoinse; HSRP and Track - 3550"
• Maybe in reply to: Chris: "ACS and Terminal Server"
• Next in thread: Godswill Oletu: "Re: ACS and Terminal Server"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

That is what I figured. I do not want to selectively do authentication. I
want a person to authenticate once to one line and then have access to the
others without re-authenticating for each line. I did not think it could be
done. Thanks anyway.

Chris

-----Original Message-----
From: Godswill Oletu [mailto:oletu@inbox.lv]
Sent: Thursday, September 08, 2005 9:45 PM
To: Chris; ccielab@groupstudy.com
Subject: Re: ACS and Terminal Server

Chris,

By default you are not required to authenticate before gaining access to
devices attached to the lines via reverse telnet:

#line 1 16
#transport input all

Is really all that is needed to reverse telnet to each of the 16 devices
connected to the lines above. You can further tweak this by adding things
like (no exec, exec-timeout, etc...)

However, if you choose to, you can selectively turn ON authentication for
any or all of the lines:

#line 1 2
#transport input all
#login
#password cisco
!
#line 3 16
#transport input all

You will be challanged for a password on lines 1 and 2 but not on lines 3 to
16.

If you have to telnet from your PC straight into any of the lines and donot
want to be challanged for password eg:

C:/>Telnet 1.1.1.1 2001 <1.1.1.1 is ethernet interface ip address of the
terminal server & 2001 is accessing line 1>

You can turn OFF telnet authentication on the terminal server by:

#line vty 0 4
#no login

With this and the vanilla configuration of 'line 1 16' above, users can
access any of the terminal server lines from their PC without password
requirements.

HTH
Godswill Oletu

----- Original Message -----
From: "Chris" <chris@supertechnetworks.com>
To: <ccielab@groupstudy.com>
Sent: Thursday, September 08, 2005 8:17 PM
Subject: ACS and Terminal Server

> If I am using a 2511 as terminal server with a device on each line, can I
> configure it so that a user only has to authenticate on one line to access
> the other 15?
>
> In other words, I want them to be able to telnet to x.x.x.x 2001 x.x.x.x
> 2002 x.x.x.x 2003
>
> and access each line, but not have to authenticate at each line. I do not
> think it is possible, but I thought I should ask.
>
> Chris
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: Adam S. Roth: "Name the socket used for BGP?"
• Previous message: Godswill Oletu: "Re: Clarification of respoinse; HSRP and Track - 3550"
• Maybe in reply to: Chris: "ACS and Terminal Server"
• Next in thread: Godswill Oletu: "Re: ACS and Terminal Server"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Oct 02 2005 - 14:40:14 GMT-3