06-09-2003 07:53 AM - edited 03-02-2019 07:59 AM
Greetings,
I was wondering if anyone had some ideas for configuring additional security on a 7200 synchronous serial interface other than access-lists when dialing in with a modem. I would like to know if its possible to be asked for a username and password before being allowed to go through the router and seeing the Windows Logon. There is no soho router between the host and the 7200 router, and there is no access to an AAA/Kerberos/Tacacs server for authentication that way. Any ideas?
Thanks
06-09-2003 08:46 AM
configure AAA so that authentication is done using local username databse, configured locally(default) on the router
create a list of user names as below:
username abcd password dcba
username cisco password cisco
the configure aaa as below:
aaa new-model
aaa authentication login delfault local
enter the line config mode and give the following command
login authentication default
thats all user has to give the above configured uid and password to dial-in to the router.
bye
Manoj
06-09-2003 09:03 AM
Manoj,
Thanks for your quick response. So this will authenticate at the router and once the user is authenticate, they will be allowed access through to the Windows logon screen? Once again thanks for the aaa information.
Dallas
06-17-2003 04:55 AM
Yes,
that will take care of it.
All this is for is their dial-in access. If they don't put in the correct username/password, they will not get into the RAS server
Chris
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide