11-25-2003 06:39 AM - edited 03-10-2019 07:34 AM
Hi folks,
I was running ACS2.6 & using TACACS+ to authenticate dial in users & access to routers. When dial up users tried to telnet to a router they received an authorisation failure (EXEC box not ticked) if they tried to log in. Since upgrading to ACS3.1 they now log in & get a command line. They cannot get into enable mode however I don't like the fact they can actually get onto the routers.
Anyone know how I can stop this?
Thanks in advance, John.
12-01-2003 06:44 AM
But I guess as long as they cannot get into enable mode it is ok right?
12-02-2003 04:06 AM
I would rather they cannot get onto the router at all. Even in non-priveledged mode you can gain quite a bit of information about the router & telnet to other devices.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide