[tac_plus] Re: tac_plus config
Tom Murch
tmurch at toniccomputers.com
Fri Aug 21 16:52:19 UTC 2009
yeah thats a miss type on part. Let me go try this out.
On Fri, Aug 21, 2009 at 12:09 PM, john heasley <heas at shrubbery.net> wrote:
> Fri, Aug 21, 2009 at 11:29:14AM -0400, Tom Murch:
> > ok so here is what i have
> >
> > user tom {
> > login = cleartext 'tom'
> > enable = cleartext 'tom12'
> > }
> >
> > acl = badmatt {
> > login = cleartext 'matt'
> > enable = cleartext 'matt12'
> > deny 192\.168\.0\.1 # disallow enable on this tacacs client
> > permit .*
> > }
> > user matt { enableacl = badmatt }
> >
> > Will this work so that Tom and Matt can both enable on all things except
> the
> > 192.168.0.1 that matt is acl from?
>
> yes, but login and enable are not valid in acl {}.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.shrubbery.net/pipermail/tac_plus/attachments/20090821/ce93c110/attachment.html
More information about the tac_plus
mailing list