Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Securing EXEC dial-in...

Can someone point me to a whitepaper that talks about securing a dial-in connection? (Modem on AUX0 port used for EXEC dialin) Since EXEC dial-in doesn't support dial-back, what other methods are available for multiple layers of security? Can I tell the router to only accept calls from certain phone numbers? I guess I can put an outbound ACL on FA0/0, to allow the dial-in IP pool to only go to certain areas, but this would be 'containing a break-in', versus 'preventing a break-in'.


Hall of Fame Super Silver

Re: Securing EXEC dial-in...


I have not done it so I can not speak from experience, but I assume that you can apply the same kind of controls to exec sessions started on the aux that you to for exec sessions started on the vty. So if you use aaa and an external authentication server to control telnet to the router I would think you could also use it for control of exec on the aux. Or if you do not use an external server for authentication I would think that you could do login local and authenticate against user ID and password configured on the router.