
ACS 3.0 Authorization

emily
Level 1

Dear All:

I want to restrict a user so that they can access the inside FTP server but can't access the inside Telnet server, through authorization on ACS 3.0.

In addition, I want to know whether ACS 3.0 can log who logs in to the inside FTP server and who attempts to log in to the inside Telnet server.

Thanks for your help

2 Replies

jekrauss
Level 1

The approach you take depends somewhat on where the user is originating the request.

If they are dialing in, you can pass down an ACL from ACS.

aaa authentication ppp default group tacacs+ local

aaa authorization network default group tacacs+ local

If they are telnetting in from a router, then you can enable command authorization on the router:

aaa authentication login default group tacacs+ local

aaa authorization exec default group tacacs+ local

aaa authorization commands 1 default group tacacs+ local

aaa authorization commands 15 default group tacacs+ local

Then configure a command authorization set in ACS.

http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/csnt30/user/c.htm#xtocid1001113

HTH

Jeff
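
An added example, not part of Jeff's reply, of the dial-in approach he describes: the router holds the ACL and ACS only returns its number for the user's PPP IP session. The server addresses, ACL number 101 and the inacl=101 assignment are assumptions for illustration.

```text
! Constructed example: 192.0.2.10 = inside FTP server, 192.0.2.20 = inside Telnet server
aaa new-model
aaa authentication ppp default group tacacs+ local
aaa authorization network default group tacacs+ local
!
! ACL referenced by number from ACS; "log" sends matching packets to syslog
access-list 101 permit tcp any host 192.0.2.10 eq ftp log
access-list 101 deny   tcp any host 192.0.2.20 eq telnet log
! Remaining traffic, including the FTP data channel, is allowed
access-list 101 permit ip any any
!
! ACS side (user or group, TACACS+ service PPP IP): inacl=101
```

The ACL log entries record source addresses rather than usernames, so they have to be matched to the address assigned to the dial-in session.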

Thank you for your response, but I would like to know about ACS accounting: whether ACS 3.0 can log the service type (for example: telnet, ftp, pop3) when a user accesses a service from outside by dialing in.

Thanks in advance