Section 7.0: AAA

7.1. AAA on the Switch

  1. Configure RADIUS authentication and accounting for Switch2 management.

  2. Configure AAA to fall back to local authentication in the event the AAA server is not available.

  3. Configure Switch2 to send all authentication requests to RADIUS server 172.16.1.5 and all accounting requests to RADIUS server 172.16.1.6 only. To stop the switch from sending one request type to a server, set that server's auth-port or acct-port to 0, as shown in the example that follows:

    hostname sw2
    !
    aaa new-model
    aaa authentication login vty group radius local
    aaa accounting exec vty start-stop group radius
    enable password cisco
    !
    username switch-telnet password 0 cisco
    !
    radius-server host 172.16.1.5 auth-port 1812 acct-port 0
    radius-server host 172.16.1.6 auth-port 0 acct-port 1813 ...
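
One way to check a saved configuration against tasks 2 and 3, as an added example that is not from the book: it parses the `radius-server host` lines to see which request types each server receives and confirms the login method list ends in `local`. The function names and the sample text are constructed here; an omitted port is treated as enabled, because it keeps its nonzero default.

```python
import re

# Constructed sample: the AAA and RADIUS lines from the configuration above.
SAMPLE_CONFIG = """\
aaa new-model
aaa authentication login vty group radius local
aaa accounting exec vty start-stop group radius
radius-server host 172.16.1.5 auth-port 1812 acct-port 0
radius-server host 172.16.1.6 auth-port 0 acct-port 1813
"""

HOST_RE = re.compile(
    r"^\s*radius-server host (\S+)(?: auth-port (\d+))?(?: acct-port (\d+))?",
    re.M)
LOGIN_RE = re.compile(r"^\s*aaa authentication login (\S+) (.+)$", re.M)


def radius_roles(config):
    """Map each RADIUS host to the request types the switch sends to it."""
    roles = {}
    for host, auth, acct in HOST_RE.findall(config):
        role = set()
        if auth == "" or int(auth) != 0:   # port 0 means "do not send"
            role.add("auth")
        if acct == "" or int(acct) != 0:
            role.add("acct")
        roles[host] = role
    return roles


def audit(config, auth_server, acct_server):
    """Return a list of findings; an empty list means tasks 2 and 3 are met."""
    findings = []
    roles = radius_roles(config)
    expected = {auth_server: {"auth"}, acct_server: {"acct"}}
    for host, role in roles.items():
        want = expected.get(host, set())
        if role != want:
            findings.append(
                f"{host}: receives {sorted(role)}, expected {sorted(want)}")
    for server in expected:
        if server not in roles:
            findings.append(f"{server}: no radius-server host line")
    for name, methods in LOGIN_RE.findall(config):
        words = methods.split()
        if "radius" in words and words[-1] != "local":
            findings.append(f"login list {name}: no local fallback after RADIUS")
    return findings
```
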
