10-24-2001 11:42 AM - edited 03-08-2019 08:56 PM
I tried configuring Lock-and-Key access on the RSM of a Catalyst switch with the following commands:
username alain password alain
access-list 120 dynamic test timeout 5 permit ip any any
access-list 120 permit tcp any host 172.20.52.33 eq telnet
interface vlan20
ip access-group 120 in
The access-list looks fine, just like the example I referred to.
When I telnet into the router, instead of getting a username and password prompt, I still get the normal prompt I had before I started this (password prompt).
Only when I issue the login command do I get the username/password prompt.
What am I missing?
And also, I am not sure how I can have users use different dynamic access-lists based on individual user profiles.
10-30-2001 07:03 AM
11-07-2001 06:17 PM
You need to define the user alain to use the dynamic access-list:
username alain autocommand access-enable timeout 5
For the second question, I'm also trying that, but don't seem to be able to do it. Anyone got any idea on this?
11-07-2001 07:33 PM
The following will give you the login prompt:
line vty 0 4
login local
autocommand access-enable host timeout 2
Then you can have as many:
username user password pass
As you need.
Re: your second question - try this: have loopback interfaces with unique live IPs and then assign the different ACLs to them. It's entirely up to you who you give each IP to. Not a very elegant method (may not work, as it is untested!).
Other than the above, I'm not sure it can be done (maybe with a RADIUS/TACACS server it could be achieved?).
HTH,
MB
11-26-2001 03:12 PM
You are missing the following command under line vty 0 4:
login local
(You are using the local database; you can also specify tacacs+ for authentication.)
Also, as a precaution, or it will not work, add the following statement to your access-list:
access-l 101 permit tcp any any established
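A configuration check for the pieces the replies above identify, added here as an example and not posted by any participant in the thread. The helper name audit_lock_and_key, the sample configs and the placeholder vty password are constructed assumptions; the commands themselves are the ones quoted in the posts.

```python
import re

# Constructed samples: BASE is the original poster's config as posted in the thread.
BASE = """\
username alain password alain
access-list 120 dynamic test timeout 5 permit ip any any
access-list 120 permit tcp any host 172.20.52.33 eq telnet
interface vlan20
 ip access-group 120 in
"""
# Assumed starting state: password-only vty login (the password value is a placeholder).
BEFORE = BASE + "line vty 0 4\n password EXAMPLE\n login\n"
# vty lines as given in the second reply.
AFTER = BASE + "line vty 0 4\n login local\n autocommand access-enable host timeout 2\n"
# Per-user autocommand as given in the first reply, plus 'login local'.
NO_HOST = (BASE + "username alain autocommand access-enable timeout 5\n"
           "line vty 0 4\n login local\n")

def audit_lock_and_key(config):
    """Return findings for an IOS lock-and-key setup (hypothetical helper)."""
    raw = [l.rstrip() for l in config.splitlines() if l.strip()]
    lines = [l.strip() for l in raw]
    out = []
    dyn = {m.group(1) for l in lines if (m := re.match(r"access-list (\d+) dynamic ", l))}
    applied = {m.group(1) for l in lines if (m := re.match(r"ip access-group (\d+) in$", l))}
    if not dyn:
        out.append("no dynamic ACL entry")
    elif not dyn & applied:
        out.append("dynamic ACL not applied inbound on an interface")
    for acl in sorted(dyn):
        if not any(re.match(rf"access-list {acl} permit tcp .* eq (telnet|23)$", l) for l in lines):
            out.append(f"ACL {acl}: no static entry permits telnet to the router")
    vty, in_vty = [], False  # collect the indented lines under 'line vty'
    for l in raw:
        if l.startswith("line vty"):
            in_vty = True
        elif in_vty and l.startswith(" "):
            vty.append(l.strip())
        else:
            in_vty = False
    if "login local" not in vty:  # only the local-database form from the thread is recognised
        out.append("vty: no 'login local', so no username prompt")
    enables = [l for l in lines if "autocommand access-enable" in l]
    if not enables:
        out.append("no 'autocommand access-enable' on a user or vty line")
    for l in enables:
        if not re.search(r"access-enable host\b", l):
            out.append(f"'{l}': no 'host' keyword, entry is not limited to the authenticating host")
    return out
```

Without the host keyword, access-enable activates the dynamic entry as written in the ACL, which for "permit ip any any" admits every source rather than only the address that authenticated.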