391
Views
0
Helpful
6
Replies

restrict dial-in access

rusdijunaidi
Level 1

I have a Cisco router 2509 and I need to restrict user dial-in based on username, password and IP address.

For example: username test, password test and IP address 10.10.10.1.

In this case the user dials in using static IP address 10.10.10.1 from his PC to the access server.

Does anyone know how to set up the Cisco router to authenticate the user without implementing a RADIUS/TACACS server?

thanks,

-rusdi-

6 Replies

deilert
Level 6

Unfortunately, by using this config, IP address assignment is dynamic, assigned by the IP pool; in this case the user doesn't have a static IP address assignment for a particular username and password.

What I need is for the user to have a specific IP address for a specific username and password, so that any user with the same IP address but a different username and password, or vice versa, wouldn't be authenticated.

-rusdi-

dbellazetin
Level 4

Rusdi,

You can configure dialer profiles using dialer pool members. This way each user has its own defined interface, so to speak.

http://www.cisco.com/warp/public/793/access_dial/ddr_dialer_profile.html

Daniel

Daniel,

Thanks for your response. Currently I am using interface async, connected to an external modem; the path that you mentioned is ISDN DDR dialer profiles.

Is there a way to configure int async to be like that?

The phone line connected to the modem is a hunting line which has 1 parent line and 8 child lines.

In case there is a way to configure int async into separate int dialer, I just do not know how to route the call into the specific line, since the incoming call will be routed to the idle line randomly.

thanks,

-rusdi-

Yes, you can also use dialer profiles with async interfaces.

Use the above link; here is also a helpful link for external modems:

http://www.cisco.com/en/US/tech/tk713/tk507/technologies_configuration_example09186a0080093c31.shtml

You can combine them to get it to work!

Eduardo

If you are using legacy async interfaces, you could do something like this:

    aaa new-model
    aaa authentication login default local
    aaa authorization network default local
    !
    username foo password bar
    !
    interface asyncX
     dialer in-band
     dialer map ip x.x.x.x name foo #

Then watch:

    debug aaa authen
    debug aaa author
    debug ppp nego
    debug ip peer

Is there a really good reason not to use a tac+ or radius box? You can get the software for free and it doesn't require a powerhouse server to run it.

josh
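
Added example, not part of the thread and not any poster's or Cisco's code: a Python check over a saved configuration that every local `username` has exactly one `dialer map ip ... name` entry and that no address is shared between names, which is the username-to-address binding the original question asks for. The sample configuration, its names and its addresses are constructed, and the parser assumes only the simple `username X password Y` and `dialer map ip A name X` line forms used in the reply above.

```python
import re
from collections import defaultdict

# Constructed sample (not from the thread): one correct binding, one user
# with no map, one map naming an undefined user, one shared address.
SAMPLE_CONFIG = """\
aaa new-model
aaa authentication login default local
aaa authorization network default local
!
username test password test
username alice password s3cret
username bob password hunter2
!
interface Async1
 dialer in-band
 dialer map ip 10.10.10.1 name test
 dialer map ip 10.10.10.2 name alice
 dialer map ip 10.10.10.2 name carol
"""

# Assumption: only these two plain line forms are parsed.
USER_RE = re.compile(r"^\s*username\s+(\S+)\s+(?:password|secret)\b", re.M)
MAP_RE = re.compile(r"^\s*dialer map ip\s+(\d+(?:\.\d+){3})\s+name\s+(\S+)", re.M)


def audit_bindings(config: str) -> dict:
    """Report where the username <-> static IP binding is missing or ambiguous."""
    users = set(USER_RE.findall(config))
    ip_to_names = defaultdict(set)
    name_to_ips = defaultdict(set)
    for ip, name in MAP_RE.findall(config):
        ip_to_names[ip].add(name)
        name_to_ips[name].add(ip)
    return {
        # Local accounts that can authenticate but have no fixed address.
        "unbound_users": sorted(users - set(name_to_ips)),
        # Maps that reference a name with no local account.
        "unknown_map_names": sorted(set(name_to_ips) - users),
        # One address mapped to several names: the binding is not unique.
        "shared_ips": {ip: sorted(n) for ip, n in ip_to_names.items() if len(n) > 1},
        # One name mapped to several addresses.
        "multi_ip_users": {n: sorted(i) for n, i in name_to_ips.items() if len(i) > 1},
    }


if __name__ == "__main__":
    for finding, value in audit_bindings(SAMPLE_CONFIG).items():
        print(f"{finding}: {value}")
```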