O'Reilly logo

CCIE Security Practice Labs by Fahim Hussain Yusuf Bhaiji

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Section 7.0: AAA

7.1. AAA on the Router

  1. Configure AAA on R4 to use the TACACS+ server.

  2. Configure authentication, EXEC authorization, and command-level 1/10/15 authorization.

  3. Move the show running-config command to level 10 for user1 to be able to invoke it.

  4. Configure fallback to local in the event the AAA server goes down.

  5. Make sure you use a named method list and apply it to vty lines. Do not configure any authentication or authorization for console or auxiliary ports, or you will lose all marks.

  6. Use the following example to configure all of the above.

     aaa new-model aaa authentication login vtyline group tacacs+ local aaa authentication login con-none none aaa authorization exec vtyexec group tacacs+ local aaa authorization exec conexec none aaa ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required