Firewalls: Re: Tacacs+

Firewalls
(December 1996)

Indexed By Thread: [Previous] [Next]

Subject:	Re: Tacacs+
From:	Mark Krause <mkrause @ UU . NET>
Organization:	UUNET Technologies, Inc.
Date:	Fri, 06 Dec 1996 11:16:27 -0500
To:	Christopher Tighe <ctighe @ dat . tds . de>
Cc:	firewalls @ greatcircle . com
References:	<328A0ABB . 59E2 @ dat . tds . de>

Christopher Tighe wrote:
>
> how do you configure a tacacs server to provide authentication
> for a cisco router for enable (privilaged) mode.
> for normal login it is okay and works fine, but in enable
> mode I receive the following error message:
> 
> I think I need to define some special user in my tacacs passwd
> file, but I can't find any reference to that so how do I do
> it?  Please help, I am getting desperate.....

Yes, you do need to define a special user.

You need to create a user called "$enable$" for the default enable.
For other privilege levels create users of the form "$enab<n>$"
where <n> is the privilege level.

For example

user = $enable$ {
    login = <password stuff>
}

user = $enab9$ {
    login = <password stuff>
}

-- 
Mark Krause                UUNET Technologies, Inc.   http://www.uu.net/
Senior Security Engineer   3060 Williams Drive
mkrause @
 uu .
 net             Fairfax, VA 22031-4648 USA
Tel: +1 703 208 5349       Fax: +1 703 206 5493
PGP Key fingerprint =  CD CE 5F C2 DD 7A A6 A3  11 8C 9D 05 48 DA 4F 18

References:

Tacacs+
From: Christopher Tighe <ctighe @ dat . tds . de>

Indexed By Date	Previous:	Re: your mail From: jegan @ iai . com (James Egan)
Indexed By Date	Next:	Re: Why would someone want an NT firewall? From: "Richard E. Obrecht" <ro03868%itsaxp6 @ cobe . com>
Indexed By Thread	Previous:	Tacacs+ From: Christopher Tighe <ctighe @ dat . tds . de>
Indexed By Thread	Next:	Re: Tacacs+ From: woods @ ucar . edu (Greg Woods)