03-04-2009 09:16 PM
Hi,
I configure some local users in router for ezvpn x-authentication. But i want these user cant telnet into router. I can restrict users up to some extend by configuring users with privilege 0 but still user can run show commands.
My requirement is vpn users shouldn't even get telnet session whereas admin user should able.
Waiting for solution
Regards
03-05-2009 07:29 AM
What are you using for authentication server? are those users locally defined on the router or are they authenticated against a radius server?
03-05-2009 11:04 AM
users are configured on router locally...
03-05-2009 01:00 PM
After scratching my head for a while I guess your best option (if using and external authentication server is not an option) is to use the privilege command, and move a to a higher privilege the possible commands found on when user is on privilege 0.
This will not prevent them to log in to the router but they will not be able to do anything but exit (if you enable that). External authentication server allows you to control this.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide