11-23-2007 12:55 PM - edited 03-03-2019 07:39 PM
On a Cisco 2821 router, my customer wants to retsrict access to "enable" mode both by using a user name/password combination and a list of approved MAC addresses.
Any ideas?
Emil
11-23-2007 02:06 PM
You can configure local usernames on the device and chnage the login authentication for the VTY lines to Local
username admin privelege 15 secret
line vty 0 15
login local
I dont think you can restrict the telnet login to particular mac-addresses as vty does not allow you to apply a MAC-access list. you can however apply an access-list that restricts only certain IP address to do telnet.
access-list 1 permit host
line vty 0 15
access-class 1 in
HTH
Narayan
11-29-2007 06:25 PM
Narayan, thank you very much for your response. I might have not been clear enough, but I don't have a problem setting up users and access lists based on IP addresses.
My problem is related to the fact that my customer wants user logins to be restricted to a certain list of MAC addresses.
Best regards,
Emil
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide