Cisco 2901 terminal server and restricting access

Unanswered Question
Apr 20th, 2011
User Badges:

I have a Cisco 2901 Terminal server with AAA authentication via ACS server.  I create two
accounts on the acs server, cciesec2011 and vendor.  Both accounts can log into the Cisco
2901 Terminal Server without any issues.  By the way, I am NOT using AAA authorization on
the  Cisco Terminal Server.  Once cciesec2011 or vendor accounts are authenticated, these
accounts can access all the async line on the Cisco Terminal Server.

Now I have a new requirements.  I would like to allow cciesec2011, once this account is
successfully authenticated, this account has access to ALL async line on the Terminal
Server.  The "vendor" account, I want to restrict this account access only to async
line 35 (there are 32 async lines available on the Cisco Terminal Server) and nothing

How can I accomplish without using AAA authorization on the Cisco Terminal Server?
Is it possible to use "privlege level" to accomplish this?  if so, how?

Thanks in advance.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
cciesec2011 Fri, 04/22/2011 - 05:39
User Badges:

Ofcourse, it can be done with ACS for autocommand but AAA authorization is required.  In my original post, I was trying to avoid it.  How can it be done with the username on the ACS but AAA authorization is local on the cisco terminal server?


This Discussion