Pages

Tuesday, March 4, 2014

Configure AAA Authentication on Cisco Routers

R1

!---- Task 1:      Configure Local AAA Authentication for Console Access on R1
!-- Step 2.      Configure a local username on R1.
!
enable
ciscoenpa55
configure terminal
!
username Admin1 password admin1pa55
!
!-- Step 3.      Configure local AAA authentication for console access on R1.
!
aaa new-model
aaa authentication login default local
!
!-- Step 4.      Configure the line console to use the defined AAA authentication method.
!
line console 0
login authentication default
!
!-- Step 5.      Verify the AAA authentication method.
!
end
exit
!
!-Username: Admin1
!-Password: admin1pa55
!
!---- Task 2:      Configure Local AAA Authentication for VTY Lines on R1
!-- Step 1.      Configure a named list AAA authentication method for VTY lines on R1.
!
enable
ciscoenpa55
configure terminal
!
aaa authentication login TELNET-LOGIN local
!
!-- Step 2.      Configure the VTY lines to use the defined AAA authentication method.
!
line vty 0 4
login authentication TELNET-LOGIN
end
!
--------------------------------------------------------------------------------------------------------------------------------------

R2

!---- Task 3:      Configure Server-Based AAA Authentication Using TACACS+ on R2
!-- Step 1.      Configure a backup local database entry called Admin.
!
enable
ciscoenpa55
configure terminal
!
username Admin password adminpa55
!
!-- Step 3.      Configure the TACACS+ server specifics on R2.
!
tacacs-server host 192.168.2.2
tacacs-server key tacacspa55
!
!-- Step 4.      Configure AAA login authentication for console access on R2.
!
aaa new-model 
aaa authentication login default group tacacs+ local 
!
!-- Step 5.      Configure the line console to use the defined AAA authentication method.
!
line console 0
login authentication default
!
!-- Step 6.      Verify the AAA authentication method.
!
end
exit
!
!-Username: Admin2
!-Password: admin2pa55


--------------------------------------------------------------------------------------------------------------------------------------


R3


!---- Task 4:      Configure Server-Based AAA Authentication Using RADIUS on R3
!-- Step 1.      Configure a backup local database entry called Admin.
!
enable
ciscoenpa55
configure terminal
!
username Admin password adminpa55
!
!-- Step 3.      Configure the RADIUS server specifics on R3.
!
radius-server host 192.168.3.2
radius-server key radiuspa55
!
!-- Step 4.      Configure AAA login authentication for console access on R3.
!
aaa new-model
aaa authentication login default group radius local
!
!-- Step 5.      Configure the line console to use the defined AAA authentication method.
!
line console 0
login authentication default
!
!-- Step 6.      Verify the AAA authentication method.
!
end
exit
!
!-Username: Admin3
!-Password: admin3pa55



at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)