11-23-2007 12:55 PM - edited 03-03-2019 07:39 PM
On a Cisco 2821 router, my customer wants to retsrict access to "enable" mode both by using a user name/password combination and a list of approved MAC addresses.
Any ideas?
Emil
11-23-2007 02:06 PM
You can configure local usernames on the device and chnage the login authentication for the VTY lines to Local
username admin privelege 15 secret
line vty 0 15
login local
I dont think you can restrict the telnet login to particular mac-addresses as vty does not allow you to apply a MAC-access list. you can however apply an access-list that restricts only certain IP address to do telnet.
access-list 1 permit host
line vty 0 15
access-class 1 in
HTH
Narayan
11-29-2007 06:25 PM
Narayan, thank you very much for your response. I might have not been clear enough, but I don't have a problem setting up users and access lists based on IP addresses.
My problem is related to the fact that my customer wants user logins to be restricted to a certain list of MAC addresses.
Best regards,
Emil
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: