[tac_plus] Re: tac_plus config
john heasley
heas at shrubbery.net
Mon Aug 3 15:46:02 UTC 2009
Mon, Aug 03, 2009 at 10:55:32AM -0400, Tom Murch:
> Hello
>
> so I am trying to get this up and running correctly but I am not sure on a
> few things. What I am trying to accomplish is as follows:
>
> user tom would have access to switches 1-5 and routers 1-10. Tom will also
> be able to enable on all these switches and routers. The enable password is
> different on some routers how do I define that?
>
> user matt would have access to switches 1-5 and routers 1-10 but only able
> to enable on switches 1-5 and routers 1-4.
user tom { }
acl = badmatt {
deny 192\.168\.0\.1 # disallow enable on this tacacs client
permit .*
}
user matt { enableacl = badmatt }
> Any help would be greatly appreciated as I am a tad confused on how to do
> this or if it is even possible.
>
> Thanks in advance
>
> Tom
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: http://www.shrubbery.net/pipermail/tac_plus/attachments/20090803/0eb0a14d/attachment.html
> _______________________________________________
> tac_plus mailing list
> tac_plus at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/tac_plus
More information about the tac_plus
mailing list