Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
373
Views
0
Helpful
5
Replies

Consolidation of RAS, analog, and ISDN dial backup in one 3660

bweir
Level 1
Level 1

‎10-30-2002 06:14 AM - edited ‎03-09-2019 12:52 AM

Can anyone point me to a sample configuration that shows how to consolidate analog and ISDN user remote access along with analog and ISDN dial backup on the same 3660 with 2 PRIs and two modem banks? This will be using AAA and tacacs+.

Labels:
0 Helpful
5 Replies 5

4brown
Level 1
Level 1

‎10-30-2002 06:26 AM

Take a look here:

http://www.cisco.com/warp/public/471/#ddr

You will have to pull samples from a few docs.

Hope this helps.

0 Helpful

bweir
Level 1
Level 1
In response to 4brown

‎10-30-2002 06:34 AM

Thanks for the reply. I have looked through all of these sample configs however, my problem is that I have remote users who are using tacacs+ and remote analog routers (for DBU) that are using local authentication. Since the aaa authentication local-override command is only available on the AS5XXX series of devices, analog DBU is trying to go to tacacs instead of local authentication. On the other hand, when I change the order of the "aaa auth. login default" methods, the analog RAS users fail due to no local username.... I need a way to "mix and match" between them.

0 Helpful

4brown
Level 1
Level 1
In response to bweir

‎10-30-2002 06:55 AM

If I understand you correctly, you are trying to share TAC+ and local authentication on this device. If this is the case, just create another list and assign it to the group-async or async interface. Using PAP for your sample:

aaa authentication ppp ASYNC local

aaa authorization network ASYNC local

int group-asy 1

encap ppp

ppp authentication pap ASYNC

ppp authorization pap ASYNC

You only need to use network authorization if you plan to assign local user Attribute Value Pairs.

Hope this helps.

Robert

0 Helpful

bweir
Level 1
Level 1
In response to 4brown

‎10-30-2002 07:06 AM

Thanks Robert... I will give it a try! Have a great day!

Brian

0 Helpful

bweir
Level 1
Level 1
In response to 4brown

‎10-30-2002 07:13 AM

Thanks Robert... I will give it a try! Have a great day!

Brian

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents