Section 7.0: AAA

7.1. AAA on the Switch

  1. Configure AAA on both switches using RADIUS. See Example 4-35.

  2. Configure EXEC authorization using RADIUS.

  3. Configure Network entries on ACS for Switch1 IP 172.16.3.10 and Switch2 IP 172.16.4.20 with key cisco. This is because Switch1 has a VLAN3 interface and all AAA requests will be sourced using the VLAN3 interface IP address. This is not the case in Switch2, since it has only one VLAN interface—the Management VLAN4 with IP address 172.16.4.20 See Figure 4-7 for ACS configuration.

    Figure 4-7. NAS Settings on ACS

  4. Configure the AAA fallback method to local and configure a local username on both switches.

  5. Configure ...

Get CCIE Security Practice Labs now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial