Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

TACACS+ freeware av-pairs (Called/CAlling Station ID check)

Hi guys,

I found no infos about DNIS/CLID check via av-pairs on A TACACS+ freeware Server (not for Cisco Secure ACS).

The format looks like:

user = cisco800 {

chap = cleartext "12345"

service = ppp protocol = ip {

addr = 1.1.1.1

}

service = ppp protocol = multilink {

max-links = 2

}

}

The only av-pairs I found are at: http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fsecur_c/fappendx/scftacat.htm

I am interested in any other av-pairs you can offer.

regards

sascha

3 REPLIES
Cisco Employee
New Member

Re: TACACS+ freeware av-pairs (Called/CAlling Station ID check)

Hi Yusuf,

I did not search infos about "Configuring AAA Server Group Selection Based on DNIS".

I want to do a "simple" DNIS or CLID check.

example:

"user1" only get succesfull authentication if it´s calling 11111

"user2" only get succesfull authentication if it´s calling 22222

I am searching the syntax to configure this on freeware TACACS.

regards

sascha

Cisco Employee

Re: TACACS+ freeware av-pairs (Called/CAlling Station ID check)

I am not sure if this is possible with freeware tacacs, but it is possible with CiscoSecure ACS (TACACS/RADIUS), but i don't know the details. I would suggest you open a TAC case to get a definitive answer on this.

R/Yusuf

115
Views
0
Helpful
3
Replies
CreatePlease login to create content