06-28-2002 05:07 AM - edited 02-21-2020 10:01 AM
Dear All:
I want restrict someone user can access inside ftp server but can't access inside telnet server by through authroization on ACS 3.0
In addtion to , I want to know ACS 3.0 can logging who login inside ftp server and who attemp to login inside telnet server
Thanks for you help
06-28-2002 05:59 PM
The approach you take depends somewhat on where the user is originating the request.
If they are dialing in, you can pass down an ACL from ACS.
aaa authentication ppp default group tacacs local
aaa authorization network default group tacacs local
If they are telnetting in from a router, then you can enable command authorization on the router:
aaa authentication login default group tacacs local
aaa authorization exec default group tacacs local
aaa authorization commands 1 default group tacacs local
aaa authorization commands 15 default group tacacs local
Then configure a command authorization set in ACS.
HTH
Jeff
06-28-2002 07:45 PM
Thank you for you reponse , But i would like to know about ACS Accounting, whetrher ACS 3.0 could logging service type (for example : telnet , ftp , pop3 ) when someone user access service form outside dialing
Thanks in advinces
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide