![]() This article assumes that all back-end AAA server configuration has been completed and is working.Ĭonfiguring AAA on IOS for general administrative access entails four basic steps: ![]() Users must be able to log in using a backup local user account stored on the router only if neither TACACS+ server is reachable.All users logging into the router must authenticate with a username and password to one of two redundant TACACS+ servers.This article will look at deploying a typical IOS router AAA configuration which must meet two requirements: For much more robust and easily managed authentication schemes, IOS supports the Authentication, Authorization, and Accounting (AAA) model, using the RADIUS or TACACS+ protocols to centralize these functions on dedicated AAA servers. While easily implemented, this approach is far from ideal for a production network. For example:Įnable secret 5 $1$J19J$Q2jB2AM64H0U001nHStLW1 ![]() Cisco IOS supports minimal password authentication at the console/VTY line and privilege exec boundaries, through the use of static, locally defined passwords.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |