Restricting access through connection type
The vRouter sends different connection-type information through the TACACS+ protocol based on the type of connection by which the user is accessing the vRouter. This information can be used to restrict how certain types of users are allowed to access the system. For example, it is possible to restrict administrators to only login access through the physical console rather than remotely through SSH or Telnet.
Connection type | Protocol value sent to TACACS+ |
---|---|
Console |
login |
SSH |
sshd |
Telnet |
telnet |