[tac_plus] Re: tac_plus config

Tom Murch tmurch at toniccomputers.com
Tue Aug 4 12:21:47 UTC 2009


great that worked so the only other thing I do not understand is how to let
tom enable on all routers and switches when there are 5 different enable
passwords between all the equipment?

On Mon, Aug 3, 2009 at 11:46 AM, john heasley <heas at shrubbery.net> wrote:

> Mon, Aug 03, 2009 at 10:55:32AM -0400, Tom Murch:
> > Hello
> >
> >   so I am trying to get this up and running correctly but I am not sure
> on a
> > few things. What I am trying to accomplish is as follows:
> >
> > user tom would have access to switches 1-5 and routers 1-10. Tom will
> also
> > be able to enable on all these switches and routers. The enable password
> is
> > different on some routers how do I define that?
> >
> > user matt would have access to switches 1-5 and routers 1-10 but only
> able
> > to enable on switches 1-5 and routers 1-4.
>
> user tom { }
> acl = badmatt {
>        deny 192\.168\.0\.1     # disallow enable on this tacacs client
>        permit .*
> }
> user matt { enableacl = badmatt }
>
> > Any help would be greatly appreciated as I am a tad confused on how to do
> > this or if it is even possible.
> >
> > Thanks in advance
> >
> > Tom
> > -------------- next part --------------
> > An HTML attachment was scrubbed...
> > URL:
> http://www.shrubbery.net/pipermail/tac_plus/attachments/20090803/0eb0a14d/attachment.html
> > _______________________________________________
> > tac_plus mailing list
> > tac_plus at shrubbery.net
> > http://www.shrubbery.net/mailman/listinfo.cgi/tac_plus
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.shrubbery.net/pipermail/tac_plus/attachments/20090804/5fb54404/attachment.html 


More information about the tac_plus mailing list