Difference between revisions of "CCNP TSHOOT Learning Guide/Chapter 9"

From Teknologisk videncenter
Jump to: navigation, search
m (New page: =Maintaining and Troubleshooting Network Security Implementations = ==AAA== ===Radius=== <source lang=cli> enable secret 5 $1$zH7k$U84Js/TPyh3mzsPpuQss/1 ! username admin secret 5 $1$yGKr$...)
 
m (Radius)
 
(2 intermediate revisions by one other user not shown)
Line 2: Line 2:
 
==AAA==
 
==AAA==
 
===Radius===
 
===Radius===
 +
Example
 
<source lang=cli>
 
<source lang=cli>
 
enable secret 5 $1$zH7k$U84Js/TPyh3mzsPpuQss/1
 
enable secret 5 $1$zH7k$U84Js/TPyh3mzsPpuQss/1
Line 17: Line 18:
 
ip telnet source-interface Vlan100
 
ip telnet source-interface Vlan100
 
ip ssh source-interface Vlan100
 
ip ssh source-interface Vlan100
 +
radius-server host 10.0.0.1 auth-port 1812 key cisco
 
!
 
!
 
line con 0
 
line con 0
Line 27: Line 29:
 
  transport input ssh
 
  transport input ssh
 
</source>
 
</source>
 +
 +
=== Troubleshooting===
 +
*'''debug aaa authorization'''
 +
*'''debug aaa accounting'''
 +
*'''debug aaa authentication'''
 +
*'''debug radius'''
 +
*'''debug tacacs'''
 +
 +
 
{{Source cli}}
 
{{Source cli}}
 
[[Category:CCNPv6]][[Category:CCNPv6 TSHOOT]]
 
[[Category:CCNPv6]][[Category:CCNPv6 TSHOOT]]

Latest revision as of 20:59, 20 June 2010

Maintaining and Troubleshooting Network Security Implementations

AAA

Radius

Example

enable secret 5 $1$zH7k$U84Js/TPyh3mzsPpuQss/1
!
username admin secret 5 $1$yGKr$lvsrt5i61iV63FohXNTPS0
aaa new-model
!
aaa authentication login default local
aaa authentication login CONSOLE none
aaa authentication login TELNET_LINES group radius local
aaa authorization exec default group radius local
aaa authorization exec TELNET_LINES group radius local
!
aaa session-id common
ip telnet source-interface Vlan100
ip ssh source-interface Vlan100
radius-server host 10.0.0.1 auth-port 1812 key cisco
!
line con 0
 exec-timeout 60 0
 logging synchronous
 login authentication CONSOLE
line vty 0 4
 exec-timeout 60 0
 login authentication TELNET_LINES
 transport input ssh

Troubleshooting

  • debug aaa authorization
  • debug aaa accounting
  • debug aaa authentication
  • debug radius
  • debug tacacs