Specifications
Configuring per-User Configuration
Configuration Examples for Per-User Configuration
DC-691
Cisco IOS Dial Technologies Configuration Guide
IPX Per-User SAP Filters Using IPXWAN and Virtual Profiles by a Synchronous Interface
The following example provides configurations for the TACACS+ daemon and the peer router named
Router1. On the TACACS+ AAA server, user ny has a configuration that includes inbound and outbound
SAP filters.
TACACS+ Freeware Daemon Configuration File for User
key = tac123
user = Router1 {
global = cleartext welcome
service = ppp protocol = ipx {
sap=”101 CYBER-01 40.0000.0000.0001 400 10"
sap=”202 CYBER-02 40.0000.0000.0001 401 10"
sap=”303 CYBER-03 40.0000.0000.0001 402 10"
sap-fltr-out#1=”deny 40 101"
sap-fltr-out#2=”deny 40 202"
sap-fltr-out#3=”permit -1"
sap-fltr-in#1=”permit 30 444"
sap-fltr-in#2=”deny -1"
Current Remote Peer (Router1) Configuration
version 11.3
!
hostname Router1
!
enable password lab
!
username Router2 password 7 140017070F0B272E
ip host Router1 172.21.114.131
ip name-server 172.19.2.132
ip name-server 192.168.30.32
ipx routing 0000.0c47.090d
ipx internal-network 30
!
interface Ethernet0
ip address 172.21.114.131 255.255.255.224
!
interface Serial1
no ip address
encapsulation ppp
ipx ipxwan 0 unnumbered peer-Router1
clockrate 4000000
!
ipx sap 444 ZEON-4 30.0000.0000.0001 444 10
ipx sap 555 ZEON-5 30.0000.0000.0001 555 10
ipx sap 666 ZEON-6 30.0000.0000.0001 666 10
!
Current Network Access Server (Router2) Configuration
version 11.3
service timestamps debug uptime
!
hostname Router2
!
aaa new-model
aaa authentication ppp default tacacs+
aaa authorization network tacacs+
enable password lab
!
username Router1 password 7 044C0E0A0C2E414B
ip host LA 172.21.114.133
ip name-server 192.168.30.32