Cisco Support Community
Community Member

Out-of-band modem access security hole!!!

We want the modem line on a remote offline router to callback automatically to a modem connected to a network router to provide security. (Disconnects a wouldbe intruder and dials back the network router). A particular username/password combination is used to invoke the callback procedure. This works ok but the problem is that any other valid username/password string on the router will give direct access without initiating the callback. Other such usernames/passwords are required for CHAP and TACACS fallback access.

Q....Is there any way to ensure that the line connection only authenticates one particular username/password???

Cisco Employee

Re: Out-of-band modem access security hole!!!

You must be using "username abc callback-dialstring 1234...." command right? OR may be via radius for perticular username..

Answer toy your question is NO..

If you just have regular POTS line at router receiving callin (callback server) then there is no way to dedicate one username/password to one line..unless you have different telephone number for callback users

Community Member

Re: Out-of-band modem access security hole!!!

Thanks mate, your quick response is much appreciated. Not sure how we'll get around this one. Cheers.

CreatePlease to create content