10-30-2002 06:14 AM - edited 03-09-2019 12:52 AM
Can anyone point me to a sample configuration that shows how to consolidate analog and ISDN user remote access along with analog and ISDN dial backup on the same 3660 with 2 PRIs and two modem banks? This will be using AAA and tacacs+.
10-30-2002 06:26 AM
Take a look here:
http://www.cisco.com/warp/public/471/#ddr
You will have to pull samples from a few docs.
Hope this helps.
10-30-2002 06:34 AM
Thanks for the reply. I have looked through all of these sample configs however, my problem is that I have remote users who are using tacacs+ and remote analog routers (for DBU) that are using local authentication. Since the aaa authentication local-override command is only available on the AS5XXX series of devices, analog DBU is trying to go to tacacs instead of local authentication. On the other hand, when I change the order of the "aaa auth. login default" methods, the analog RAS users fail due to no local username.... I need a way to "mix and match" between them.
10-30-2002 06:55 AM
If I understand you correctly, you are trying to share TAC+ and local authentication on this device. If this is the case, just create another list and assign it to the group-async or async interface. Using PAP for your sample:
aaa authentication ppp ASYNC local
aaa authorization network ASYNC local
int group-asy 1
encap ppp
ppp authentication pap ASYNC
ppp authorization pap ASYNC
You only need to use network authorization if you plan to assign local user Attribute Value Pairs.
Hope this helps.
Robert
10-30-2002 07:06 AM
Thanks Robert... I will give it a try! Have a great day!
Brian
10-30-2002 07:13 AM
Thanks Robert... I will give it a try! Have a great day!
Brian
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: