CCNP TSHOOT Learning Guide/Chapter 9

From Teknologisk videncenter
Jump to: navigation, search

Maintaining and Troubleshooting Network Security Implementations

AAA

Radius

Example

enable secret 5 $1$zH7k$U84Js/TPyh3mzsPpuQss/1
!
username admin secret 5 $1$yGKr$lvsrt5i61iV63FohXNTPS0
aaa new-model
!
aaa authentication login default local
aaa authentication login CONSOLE none
aaa authentication login TELNET_LINES group radius local
aaa authorization exec default group radius local
aaa authorization exec TELNET_LINES group radius local
!
aaa session-id common
ip telnet source-interface Vlan100
ip ssh source-interface Vlan100
radius-server host 10.0.0.1 auth-port 1812 key cisco
!
line con 0
 exec-timeout 60 0
 logging synchronous
 login authentication CONSOLE
line vty 0 4
 exec-timeout 60 0
 login authentication TELNET_LINES
 transport input ssh

Troubleshooting

  • debug aaa authorization
  • debug aaa accounting
  • debug aaa authentication
  • debug radius
  • debug tacacs