EZVPN Block Telnet Access

Unanswered Question
Mar 4th, 2009


I configure some local users in router for ezvpn x-authentication. But i want these user cant telnet into router. I can restrict users up to some extend by configuring users with privilege 0 but still user can run show commands.

My requirement is vpn users shouldn't even get telnet session whereas admin user should able.

Waiting for solution


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Ivan Martinon Thu, 03/05/2009 - 07:29

What are you using for authentication server? are those users locally defined on the router or are they authenticated against a radius server?

Ivan Martinon Thu, 03/05/2009 - 13:00

After scratching my head for a while I guess your best option (if using and external authentication server is not an option) is to use the privilege command, and move a to a higher privilege the possible commands found on when user is on privilege 0.

This will not prevent them to log in to the router but they will not be able to do anything but exit (if you enable that). External authentication server allows you to control this.


This Discussion