Serial interface

dallas31 · ‎06-09-2003

Greetings,

I was wondering if anyone had some ideas for configuring additional security on a 7200 synchronous serial interface other than access-lists when dialing in with a modem. I would like to know if its possible to be asked for a username and password before being allowed to go through the router and seeing the Windows Logon. There is no soho router between the host and the 7200 router, and there is no access to an AAA/Kerberos/Tacacs server for authentication that way. Any ideas?

Thanks

utl · ‎06-09-2003

configure AAA so that authentication is done using local username databse, configured locally(default) on the router

create a list of user names as below:

username abcd password dcba

username cisco password cisco

the configure aaa as below:

aaa new-model

aaa authentication login delfault local

enter the line config mode and give the following command

login authentication default

thats all user has to give the above configured uid and password to dial-in to the router.

bye

Manoj

dallas31 · ‎06-09-2003

Manoj,

Thanks for your quick response. So this will authenticate at the router and once the user is authenticate, they will be allowed access through to the Windows logon screen? Once again thanks for the aaa information.

Dallas

cdusio · ‎06-17-2003

Yes,

that will take care of it.

All this is for is their dial-in access. If they don't put in the correct username/password, they will not get into the RAS server

Chris