Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Community Member

As5300 ppp configuration

I'm having problems with users getting double authentication to my Tacacs+ server when using windows dial-up networking. Is there a command that I would add to the configuration to stop this?

I would also like to have my users use a post dial script. The reason for the script is to help them get out of Next Token mode. We use SecurID for authentication and users sometime need to correct there token problems. The script would pass the username, password, type ppp negotiate and wait for ~ to close the post dial windows. Is there any other way to handle SecurID Token or post dial scripting?

Thanks in advance

Cisco Employee

Re: As5300 ppp configuration

If you want to use the secure ID token for authentication, you need to authenticate in Terminal Window. So you need to that that as a first authentication.. Now i am not clear about which one is the second authentication. So pl. explain when and how the second authentication is taking place at this point.

Now you can use "aaa authentication ppp default if-needed group tacacs" t avoid double authnetication if user is already authenticated via some other way for some other service.

Community Member

Re: As5300 ppp configuration

The first authentication come from the terminal window and the second is from dialup networking username and password window. Do you have a script that I could use for secure ID authentication?

Cisco Employee

Re: As5300 ppp configuration

I am not sure that how the users will authenticate again using DUN after successful terminal window authentication and PPP is already started. Anyway You can get away with the second authentication (DUN) if the user is already authenticated using terminal window. You need to use that command "aaa authentication ppp default if-needed group tacacs"

CreatePlease to create content