
How to use "ip identd" to check the incoming user?

mishao
Level 1

hi,

I configured the command "ip identd" on the routers. How do I get the information from the port (113) on the routers? I used an access-list to check the telnet session between two routers but couldn't view anything.

please advise.

best regards

fred.

1 Reply

steve.barlow
Level 7

What exactly are you trying to do? "Show users" to see who is logged in.

If you want info on the ident protocol see RFC 1413: http://www.cis.ohio-state.edu/cgi-bin/rfc/rfc1413.html . With identification support, you can connect a TCP port on a host, issue a simple text string to request information, and receive a simple text-string reply. There isn't a lot you can configure with it, just enable/disable. Make sure the request is sent properly.

If you want to see who logs in and what they do you can try two options: local privilege or tacacs+ AAA.

Local example:

privilege exec level 2 ping

privilege exec level 2 show config

privilege exec level 3 debug ip rip

enable secret level 2 ...

enable secret level 3 ...

Log in on one of those levels: enable 2 or enable 3

This way you can see the username that logs in, and limit what they do.

Tacacs+ example:

aaa new-model

tacacs-server host 1.1.1.1

tacacs-server key ...

aaa authorization exec tacacs+

aaa accounting ...

Set up a tacacs+ server.

This way you see who logs in, limit what they do, and have audit records of what they did.

Hope it helps.

Steve
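
The request and reply strings defined in RFC 1413, as an added example that is not part of the original thread: a small Python client that builds the query line, parses the reply, and checks that the reply answers the port pair that was asked about. The function names and the sample port numbers are this example's own assumptions; the reply content is whatever the remote host chooses to report, so treat it as a hint for logging, not as authentication.

```python
import socket

ERRORS = {"INVALID-PORT", "NO-USER", "HIDDEN-USER", "UNKNOWN-ERROR"}  # RFC 1413 tokens

def build_query(port_on_server: int, port_on_client: int) -> bytes:
    """Request line '<port-on-server> , <port-on-client>' terminated by CR LF."""
    for port in (port_on_server, port_on_client):
        if not 1 <= port <= 65535:
            raise ValueError(f"port out of range: {port}")
    return f"{port_on_server} , {port_on_client}\r\n".encode("ascii")

def parse_reply(raw: bytes) -> dict:
    """Parse one reply line. The content is self-reported by the remote host."""
    if len(raw) > 1000:  # RFC 1413 lets clients give up after 1000 characters
        raise ValueError("ident reply too long")
    parts = raw.decode("latin-1").rstrip("\r\n").split(":", 3)
    if len(parts) < 3:
        raise ValueError("malformed ident reply")
    server_port, client_port = (int(p) for p in parts[0].split(","))
    reply = {"port_on_server": server_port, "port_on_client": client_port,
             "type": parts[1].strip().upper()}
    if reply["type"] == "ERROR":
        reply["error"] = ":".join(parts[2:]).strip()
        reply["standard_error"] = reply["error"] in ERRORS
    elif reply["type"] == "USERID" and len(parts) == 4:
        opsys, _, charset = parts[2].partition(",")
        reply["opsys"] = opsys.strip()
        reply["charset"] = charset.strip() or "US-ASCII"  # RFC default
        reply["user_id"] = parts[3]  # spaces after the colon belong to the user-id
    else:
        raise ValueError("malformed ident reply")
    return reply

def query_ident(host: str, port_on_server: int, port_on_client: int,
                timeout: float = 5.0) -> dict:
    """Ask the ident service on `host` (TCP 113) about one TCP connection
    that exists between `host` and the machine running this code."""
    with socket.create_connection((host, 113), timeout=timeout) as sock:
        sock.sendall(build_query(port_on_server, port_on_client))
        data = b""
        while not data.endswith(b"\n") and len(data) <= 1000:
            chunk = sock.recv(256)
            if not chunk:
                break
            data += chunk
    reply = parse_reply(data)
    # A reply for a different port pair does not answer the question asked.
    if (reply["port_on_server"], reply["port_on_client"]) != (port_on_server, port_on_client):
        raise ValueError("ident reply does not match the queried port pair")
    return reply
```
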