In article <2004Aug25.133849@hujicc>,
says...
> Hello,
>
> I would like to do some processing on our dialin users (modems & ADSL) by
> implementing the following mechanism:
>
> - The user dials-in, authenticates, and then granted a limited access
> (via an interface access list).
>
> - After we are done our checks (some client-server application running from our
> control center to the home user) I would like to change his access rights
> by changing (or removing) the access list.
>
> The problem is that we are using virtual templates from which each user gets a
> virtual-access interface; it is not possible to change an access list on this
> specific virtual-access interface.
>
> Any idea how can I implement such a thing easily? We are using a home-built
> Tacacs+ server (based on one of the early public implementations of it).
The first part is easy. Just use Lock & Key ACL.
http://www.cisco.com/univercd/cc/td/...os122/122cgcr/
fsecur_c/ftrafwl/scflock.htm
Not sure if I can help you with the second requirement though.
--
hsb
"Somehow I imagined this experience would be more rewarding" Calvin
*************** USE ROT13 TO SEE MY EMAIL ADDRESS ****************
************************************************** ******************
Due to the volume of email that I receive, I may not not be able to
reply to emails sent to my account. Please post a followup instead.
************************************************** ******************
Similar Threads
