Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Define a user/group in TACACS+ that only has VPN access permissions

I want to define a user/group that has the ability to connect to a VPN, but not via the CLI or any other method.

Currently my VPN users can also log in via the CLI on my routers. They don't have enable access of course, but I would like to prevent them from being able to get on at all if possible.

Right now I am using a "default service = permit." The only other definitions are "ppp protocol" and "default service =

deny" that I can find.

Thanks,

Aaron

1 REPLY
Community Member

Re: Define a user/group in TACACS+ that only has VPN access perm

And if it matters I am running the tacacs+ server available from Cisco running on a Sol SPARC box.

138
Views
0
Helpful
1
Replies
CreatePlease to create content