[tac_plus] Re: ACL - Deny users access to specific hosts

john heasley heas at shrubbery.net
Wed Aug 27 05:06:03 UTC 2008


Fri, Aug 22, 2008 at 01:09:54PM +0200, Christian Karlsson:
> Hello
> 
> I want to be able to specify what cisco routers a user can connect to.
> I want him to be able to connect to router 192.168.1.1 but not the 
> 192.168.1.5 router.
> 
> Quote from guide:
> "The ACL is applied to the source address that the device used to 
> connect to the tac_plus daemon. On most routers, this can be explicitly 
> set. For example, on a cisco router:"
> 
> Like i understood the ACL it changes where i can telnet from not to?

the address considered is the address of the tacacs daemon's client, ie:
the router.

> Is it possible to deny access to a cisco from tacacs_plus or other 
> way(Still tacacs enabled cisco)

> If not, is there a possibility that this function will be added in the 
> future?
> 
> /Christian
> _______________________________________________
> tac_plus mailing list
> tac_plus at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/tac_plus


More information about the tac_plus mailing list