Difference between revisions of "CCNP TSHOOT Learning Guide/Chapter 9"
From Teknologisk videncenter
m (→AAA) |
m (→Radius) |
||
(One intermediate revision by one other user not shown) | |||
Line 2: | Line 2: | ||
==AAA== | ==AAA== | ||
===Radius=== | ===Radius=== | ||
+ | Example | ||
<source lang=cli> | <source lang=cli> | ||
enable secret 5 $1$zH7k$U84Js/TPyh3mzsPpuQss/1 | enable secret 5 $1$zH7k$U84Js/TPyh3mzsPpuQss/1 | ||
Line 17: | Line 18: | ||
ip telnet source-interface Vlan100 | ip telnet source-interface Vlan100 | ||
ip ssh source-interface Vlan100 | ip ssh source-interface Vlan100 | ||
+ | radius-server host 10.0.0.1 auth-port 1812 key cisco | ||
! | ! | ||
line con 0 | line con 0 | ||
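Review bot: the added `radius-server host 10.0.0.1 auth-port 1812 key cisco` line puts the RADIUS shared secret in the example in clear text, and the value is a five-letter word. In a learning guide that readers copy from, a placeholder such as `key <shared-secret>` or a sentence marking it as a lab-only value would be safer. The line also sets only `auth-port`; if the accounting port is meant to stay at its default, a short remark saying so would help, since the Troubleshooting list further down includes `debug aaa accounting`.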
Line 27: | Line 29: | ||
transport input ssh | transport input ssh | ||
</source> | </source> | ||
+ | |||
=== Troubleshooting=== | === Troubleshooting=== | ||
*'''debug aaa authorization''' | *'''debug aaa authorization''' |
Latest revision as of 20:59, 20 June 2010
Maintaining and Troubleshooting Network Security Implementations
AAA
Radius
Example
<source lang=cli>
enable secret 5 $1$zH7k$U84Js/TPyh3mzsPpuQss/1
!
username admin secret 5 $1$yGKr$lvsrt5i61iV63FohXNTPS0
aaa new-model
!
aaa authentication login default local
aaa authentication login CONSOLE none
aaa authentication login TELNET_LINES group radius local
aaa authorization exec default group radius local
aaa authorization exec TELNET_LINES group radius local
!
aaa session-id common
ip telnet source-interface Vlan100
ip ssh source-interface Vlan100
radius-server host 10.0.0.1 auth-port 1812 key cisco
!
line con 0
 exec-timeout 60 0
 logging synchronous
 login authentication CONSOLE
line vty 0 4
 exec-timeout 60 0
 login authentication TELNET_LINES
 transport input ssh
</source>
Troubleshooting
- debug aaa authorization
- debug aaa accounting
- debug aaa authentication
- debug radius
- debug tacacs
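
A static check that can be run on a saved configuration before turning on the debug commands above. This is an added example, not part of the original guide: the function name audit_aaa, the 16-character key threshold and the MISSING_LIST binding are assumptions made for illustration, and only the legacy radius-server host syntax used on this page is handled.

```python
import re

# Constructed input: the page's AAA lines with the radius-server statement left out,
# plus a hypothetical vty binding to a list that was never defined.
SAMPLE = """\
aaa new-model
aaa authentication login CONSOLE none
aaa authentication login TELNET_LINES group radius local
aaa authorization exec TELNET_LINES group radius local
line con 0
 login authentication CONSOLE
line vty 0 4
 login authentication TELNET_LINES
 authorization exec MISSING_LIST
"""

def audit_aaa(config, min_key_len=16):  # min_key_len: assumed local policy value
    """Return findings for legacy-syntax IOS AAA/RADIUS configuration text."""
    lines = [ln.strip() for ln in config.splitlines() if ln.strip()]
    findings, lists = [], {}
    for ln in lines:  # collect named method lists
        m = re.match(r"aaa (authentication login|authorization exec) (\S+) (.+)$", ln)
        if m:
            lists[(m.group(1), m.group(2))] = m.group(3).split()
    servers = [ln for ln in lines if ln.startswith("radius-server host ")]
    for (kind, name), methods in sorted(lists.items()):
        if "radius" in methods and not servers:
            findings.append(f"{kind} {name}: group radius used, no radius-server host")
        if methods == ["none"]:
            findings.append(f"{kind} {name}: 'none' admits users without credentials")
    for ln in servers:  # only clear-text keys (single token after 'key') are measured
        m = re.search(r" key (\S+)$", ln)
        if m and len(m.group(1)) < min_key_len:
            host = ln.split()[2]  # report the server, never the key itself
            findings.append(f"shared key shorter than {min_key_len} characters for {host}")
    for ln in lines:  # line-level bindings must point at a defined list
        m = re.match(r"(login authentication|authorization exec) (\S+)$", ln)
        if m:
            kind = "authentication login" if m.group(1).startswith("login") else m.group(1)
            if (kind, m.group(2)) not in lists:
                findings.append(f"line references undefined list: {kind} {m.group(2)}")
    return findings

if __name__ == "__main__":
    for finding in audit_aaa(SAMPLE):
        print(finding)
```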