From: Adrian Chadd (no email)
Date: Wed May 02 2001 - 03:25:17 EDT
On Wed, May 02, 2001, John Fraizer wrote:
>
>
> I'm just currious. I've seen sevaral posts over the past few months
> regarding TACACS and RADUIS being used for authentication for term servers
> that are used for OOB access to devices. Something just isn't making
> sense here. If you need to use the device to access something OOB, has it
> perhaps come to your attention that it is quite possible that YOUR IPV4
> NETWORK CONNECTION TO YOUR TSERVER IS MOST LIKELY DOWN AS WELL and as
> such, IT CAN'T AUTHENTICATE YOU TO THE TACACS OR RADIUS SERVER?
You can configure "default" passwords which are used if your
authentication servers are down.
.. you guys do this, right? :-)
> Thank you for letting me get that off my chest.
Welcome. :)
> I welcome enlightenment from those who see past the gotcha I've outlined
> above.
I'm sure you can find example configurations for this on cisco's
website. :-)
In any case, it is certainly plausible that you'd need OOB access to
a device that you can't get IP connectivity to but you can get
connectivity to the local term server. Think "crashed server".
Or "broken flash". Or "Failed remote software upgrade".
Adrian
-- Adrian Chadd "Two hundred and thirty-three thousand <> times the speed of light. Dear holy fucking shit."
|
|
|