[tac_plus] Re: tac_plus config

Tom Murch tmurch at toniccomputers.com
Fri Aug 21 16:52:19 UTC 2009


yeah thats a miss type on part. Let me go try this out.

On Fri, Aug 21, 2009 at 12:09 PM, john heasley <heas at shrubbery.net> wrote:

> Fri, Aug 21, 2009 at 11:29:14AM -0400, Tom Murch:
> > ok so here is what i have
> >
> > user tom {
> >          login = cleartext 'tom'
> >          enable = cleartext 'tom12'
> > }
> >
> > acl = badmatt {
> >        login = cleartext 'matt'
> >        enable = cleartext 'matt12'
> >        deny 192\.168\.0\.1     # disallow enable on this tacacs client
> >        permit .*
> > }
> > user matt { enableacl = badmatt }
> >
> > Will this work so that Tom and Matt can both enable on all things except
> the
> > 192.168.0.1 that matt is acl from?
>
> yes, but login and enable are not valid in acl {}.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.shrubbery.net/pipermail/tac_plus/attachments/20090821/ce93c110/attachment.html 


More information about the tac_plus mailing list