<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css" style="display:none;"><!-- P {margin-top:0;margin-bottom:0;} --></style>
</head>
<body dir="ltr">
<div id="divtagdefaultwrapper" style="font-size:12pt;color:#000000;background-color:#FFFFFF;font-family:Calibri,Arial,Helvetica,sans-serif;">
<p><br>
</p>
<p>I'm aware of the Host ACL usage in TACACS:</p>
<p><br>
</p>
<p>acl = TEST-ACL {</p>
<p> # Permit these NAS to login via TACACS</p>
<p></p>
<p> permit = ^10\.</p>
<p></p>
<p>}</p>
<div><br>
</div>
<div>But is there any configuration that will limit which client (i.e. rancid server) is able to authenticate with TAC+ ? I'm trying to lock down RANCID so only that server/user can login to our network equipment with certain privileges. </div>
<div><br>
</div>
<p>I think this might be feasible with do_auth, but I haven't played around with that yet.</p>
<p><br>
</p>
<div id="Signature">
<div id="divtagdefaultwrapper" style="font-size:12pt; color:#000000; background-color:#FFFFFF; font-family:Calibri,Arial,Helvetica,sans-serif">
<p class="p1">-- </p>
<p class="p1">Matt Almgren, Sr. Networking Engineer</p>
<p class="p3">101 Lytton Ave., Palo Alto. CA 94301</p>
<p class="p1">matta@surveymonkey.com</p>
<p></p>
<p class="p1">408.499.9669</p>
</div>
</div>
</div>
</body>
</html>