[tac_plus] Re: deny telnet?
john heasley
heas at shrubbery.net
Thu Jan 18 17:14:04 UTC 2007
Thu, Jan 18, 2007 at 04:18:42PM +0100, Bergs, Martin:
> Hi,
>
> I have the problem that I want to deny users to telnet from a router to
> an other device. So I deny the telnet command but on IOS the user can
> also just enter an IP address an start like this a telnet session.
> How to configure TACAcS+ to deny telnet for a user by just entering an
> IP address? Do you have an idea?
Didn't know that was possible. you could list the commands that a user is
authorized to use and deny all others. or, try a regex
deny [0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}
deny [0-9A-F]{1,4}:
More information about the tac_plus
mailing list