Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

EZVPN Block Telnet Access


I configure some local users in router for ezvpn x-authentication. But i want these user cant telnet into router. I can restrict users up to some extend by configuring users with privilege 0 but still user can run show commands.

My requirement is vpn users shouldn't even get telnet session whereas admin user should able.

Waiting for solution



Re: EZVPN Block Telnet Access

What are you using for authentication server? are those users locally defined on the router or are they authenticated against a radius server?

New Member

Re: EZVPN Block Telnet Access

users are configured on router locally...

Re: EZVPN Block Telnet Access

After scratching my head for a while I guess your best option (if using and external authentication server is not an option) is to use the privilege command, and move a to a higher privilege the possible commands found on when user is on privilege 0.

This will not prevent them to log in to the router but they will not be able to do anything but exit (if you enable that). External authentication server allows you to control this.

CreatePlease to create content