About jhillend

jhillend · 02-03-2009

Use TACACS+ and command authorization. You will need to set up a generic command authorization set that allows all commands and one command authorization set that rejects any command except "show isdn active". You will also have to configure each net...

jhillend · 02-03-2009

OK, first, in the Interface Configuration, make sure "Per-user TACACS+/RADIUS Attributes" is selected. Next in each of the user configurations that require special privilege configuration, go to "Advanced TACACS+ Settings" and under "TACACS+ Enable C...

jhillend · 02-03-2009

You description implies that the SFS7000 is not encrypting the packets correctly. You should check with those folks to see if they know about this problem. This problem may be related to CSCse39550

jhillend · 02-03-2009

To your first question: No.To your second question: Yes, use the "One-Time-Password Server" external database option. This is really nothing more than a RADIUS request from ACS.

jhillend · 02-03-2009

Since you haven't accomplished any significant configuration at this point, I would recommend running the recovery CD and starting over. If you still encounter problems after completing a successful configuration, please contact the TAC.

Member Since	‎11-05-2001 10:48 AM
Date Last Visited	‎08-18-2017 03:50 AM
Posts	124
Total Helpful Votes Received	51

User Statistics

User Activity

Re: Restrict access to show isdn active

Re: How to configure the full access privilege to some of NDG gr

Re: ACS 4.1 and SFS 7000P authentication

Re: ACS Express 5.0 questions: downloadable ACL, RADIUS as an ex

Re: ACS 1113 SE 4.2 - No response on prompt