O'Reilly logo

CCIE Security Practice Labs by Fahim Hussain Yusuf Bhaiji

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Section 7.0: AAA

7.1. AAA on the Switch

  1. Configure RADIUS authentication and accounting for Switch2 management.

  2. Configure AAA to fallback local in the event the AAA server is not available.

  3. Configure switch2 to send all authentication requests to RADIUS server 172.16.1.5 and all accounting requests to RADIUS server 172.16.1.6 only. You can do this by configuring the auth-port or acct-port to 0 for not sending, as shown in the example that follows:

    hostname sw2
    !
    aaa new-model
    aaa authentication login vty group radius local
    aaa accounting exec vty start-stop group radius
    enable password cisco
    !
    username switch-telnet password 0 cisco
    !
    radius-server host 172.16.1.5 auth-port 1812 acct-port 0
    								radius-server host 172.16.1.6 auth-port 0 acct-port 1813 ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required