AAA authentication configuration [Cisco IOS]
Topology:
TACACS protcol configuration:
Tacacs server configuration:
R1 AAA Tacas configuration:
- Interface configuration:
R1(config)#int gi0/0/0
R1(config-if)#ip add
R1(config-if)#ip address 10.1.1.254 255.255.255.0
R1(config-if)#no shudown
%LINK-5-CHANGED: Interface GigabitEthernet0/0/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0/0, changed state to up
- AAA authentification with Tacacs+:
Router(config)#host R1
R1(config)#aaa new-model
R1(config)#username amigo password cisco
R1(config)#aaa authentication login default group tacacs+ local
R1(config)#aaa authentication enable default group tacacs+ local
R1(config)#tacacs-server host 10.1.1.250 key cisco
R2 AAA Raduis authentification:
Router>en
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hos
Router(config)#hostname R2
R2(config)#AAA new-model
R2(config)#username amigo password cisco123
R2(config)#aaa authentication enable default group radius local
R2(config)#aaa authentication login default group radius local
R2(config)#radius-server host 10.1.1.250 key cisco
R2(config)#end
R2#
%SYS-5-CONFIG_I: Configured from console by console
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#int gigabitEthernet 0/0/0
R2(config-if)#ip address 10.1.1.253 255.255.255.0
R2(config-if)#no sh
R2(config-if)#
%LINK-5-CHANGED: Interface GigabitEthernet0/0/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0/0, changed state to up
test it: