Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
519
Views
0
Helpful
3
Replies

EZVPN Block Telnet Access

rameezsardar
Level 1
Level 1

‎03-04-2009 09:16 PM

Hi,

I configure some local users in router for ezvpn x-authentication. But i want these user cant telnet into router. I can restrict users up to some extend by configuring users with privilege 0 but still user can run show commands.

My requirement is vpn users shouldn't even get telnet session whereas admin user should able.

Waiting for solution

Regards

Labels:
0 Helpful
3 Replies 3

Ivan Martinon
Level 7
Level 7

‎03-05-2009 07:29 AM

What are you using for authentication server? are those users locally defined on the router or are they authenticated against a radius server?

0 Helpful

rameezsardar
Level 1
Level 1
In response to Ivan Martinon

‎03-05-2009 11:04 AM

users are configured on router locally...

0 Helpful

Ivan Martinon
Level 7
Level 7
In response to rameezsardar

‎03-05-2009 01:00 PM

After scratching my head for a while I guess your best option (if using and external authentication server is not an option) is to use the privilege command, and move a to a higher privilege the possible commands found on when user is on privilege 0.

This will not prevent them to log in to the router but they will not be able to do anything but exit (if you enable that). External authentication server allows you to control this.

0 Helpful
Customers Also Viewed These Support Documents