Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

AAA features with TACACS+ for reverse telnet

Hello guys and girls!

We have an AccessServer ((Terminal Server) ( Cisco 2800 router)) , there is 10 more devices in our lab. We can reach all these devices via AccessServer, with reverse telnet configuration. (I'm talking about this connection).

https://learningnetwork.cisco.com/servlet/JiveServlet/downloadImage/2-137896-36787/450-368/oct_async.jpg

We are using tacacs.net ( www.tacacs.net ) server. Authentication is working. Is it possible to do accounting and authorization, not just on access server, but on other devices too?

For example to prohibit commands : erase flash/format/debug all  - on these devices?

Maybe anyone has accomplished these kind of configuration?

Any kind information is highly appreciated!

2 REPLIES
New Member

AAA features with TACACS+ for reverse telnet

You could configure command authorization( normally all TACACS+ servers would support this) or you could assign privilege levels to commands & make it work. For Shel command authorization configuration, refer to this guide. For privilege level assignment, refer to this guide which also mentions supporting configuration for tacacs+ freeware servers (in addition to cisco acs server).

Hope this helps.

New Member

AAA features with TACACS+ for reverse telnet

Ok. I have cisco ACS. Can somebody post exact configuration for reverse telnet ? Router configuration not the ACS or other TACACS/RADIUS server. How do you authorize reverse telnet connections?

With my configurations there is always an error ... "Authorization failed"

929
Views
0
Helpful
2
Replies
CreatePlease to create content