04-10-2003 07:15 AM - edited 03-02-2019 06:34 AM
I'm having problems with users getting double authentication to my Tacacs+ server when using windows dial-up networking. Is there a command that I would add to the configuration to stop this?
I would also like to have my users use a post dial script. The reason for the script is to help them get out of Next Token mode. We use SecurID for authentication and users sometime need to correct there token problems. The script would pass the username, password, type ppp negotiate and wait for ~ to close the post dial windows. Is there any other way to handle SecurID Token or post dial scripting?
Thanks in advance
04-10-2003 10:05 AM
If you want to use the secure ID token for authentication, you need to authenticate in Terminal Window. So you need to that that as a first authentication.. Now i am not clear about which one is the second authentication. So pl. explain when and how the second authentication is taking place at this point.
Now you can use "aaa authentication ppp default if-needed group tacacs" t avoid double authnetication if user is already authenticated via some other way for some other service.
04-10-2003 10:14 AM
The first authentication come from the terminal window and the second is from dialup networking username and password window. Do you have a script that I could use for secure ID authentication?
04-10-2003 07:20 PM
I am not sure that how the users will authenticate again using DUN after successful terminal window authentication and PPP is already started. Anyway You can get away with the second authentication (DUN) if the user is already authenticated using terminal window. You need to use that command "aaa authentication ppp default if-needed group tacacs"
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide