Re: Default Authentication
Alan DeKok wrote:
If you want only groups A and B to log in, do:
DEFAULT Group == A, Auth-Type = System
...
DEFAULT Group == B, Auth-Type = System
...
DEFAULT Auth-Type := Reject
Thanks. Here's what I done.
DEFAULT Group == router-ro, Auth-Type = System
Service-Type = NAS-Prompt-User,
cisco-avpair := "shell:priv-lvl=7"
DEFAULT Group == router-rw, Auth-Type = System
Service-Type = NAS-Prompt-User,
cisco-avpair := "shell:priv-lvl=15"
but I can't get restriction for another group "fw-group" to work.
*added to users*
DEFAULT Group == fw-group, Auth-Type = System
Huntgroup-Name == "fw-pix",
Service-Type = NAS-Prompt-User,
cisco-avpair := "shell:priv-lvl=15"
*added to huntgroups*
fw-pix NAS-IP-Address == 10.0.0.1
fw-pix NAS-IP-Address == 10.0.0.2
Group "router-ro" and "router-rw" still can login to the PIX. Can you
give me few more pointers?
Norman
This archive was generated by a fusion of
Pipermail (Mailman edition) and
MHonArc.