000025946 - How do I configure access control lists using Tacacs+?

Document created by RSA Customer Support Employee on Jun 16, 2016
Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2

Article Content

Article Number: 000025946
Applies To: TACACS+; ACL; RSA ACE/Server; UNIX (AIX, HP-UX, Solaris)
Issue: How do I configure access control lists using Tacacs+?
Resolution: The instructions for doing this including examples are in the tacplus.pdf file on the CD. The changes are made to the "path"/ace/data/sdtacplus.cfg file.
Note page 8 of the tacplus.pdf file.

USER=FRED {
        default service = permit
        service = exec {
                acl = value         #exec level for user
                autocmd = "telnet foobar"
        }
        cmd = telnet {
                # allow all fred's telnet commands except telnet to 131.108.13.*
                deny 131\.108\.13\.[0-9]+
                permit .*
        }
}
Legacy Article ID: a6054
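
The deny/permit ordering in the cmd = telnet block above, as an added example (not RSA's code and not part of the original article): a Python check that runs the two patterns against constructed sample arguments before the file is deployed. It assumes rules are tried top to bottom with the first matching regular expression deciding and an implicit deny when nothing matches; the function names and sample values are hypothetical.

```python
import re

# Constructed rule lists mirroring the cmd = telnet block above.
# Assumption: rules are tried top to bottom, the first regex that
# matches the command arguments decides, and no match means deny.
PAGE_RULES = [
    ("deny", r"131\.108\.13\.[0-9]+"),
    ("permit", r".*"),
]
# Same rules with the order swapped (an editing mistake to catch).
SWAPPED_RULES = list(reversed(PAGE_RULES))


def evaluate(rules, args):
    """Return (action, index) of the first rule whose regex matches args."""
    for index, (action, pattern) in enumerate(rules):
        if re.search(pattern, args):
            return action, index
    return "deny", None  # assumed implicit deny when nothing matches


def unreachable_rules(rules, samples):
    """Indexes of rules that never decide any of the sample arguments."""
    hit = {evaluate(rules, s)[1] for s in samples}
    return [i for i in range(len(rules)) if i not in hit]


# Constructed sample arguments a reviewer might test before deploying.
SAMPLES = ["131.108.13.7", "131.108.130.7", "131.108.14.1", "foobar"]

if __name__ == "__main__":
    for name, rules in (("page order", PAGE_RULES), ("swapped", SWAPPED_RULES)):
        for s in SAMPLES:
            print(f"{name:10} telnet {s:15} -> {evaluate(rules, s)[0]}")
        print(f"{name:10} unreachable rules: {unreachable_rules(rules, SAMPLES)}")
```

With the page's order only 131.108.13.7 is denied; with the order swapped, the permit .* line decides every sample and the deny rule is reported as unreachable.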
