- #AAA ACCOUNTING EXEC CISCO SECURE ACCESS CONTROL SYSTEM SOFTWARE#
- #AAA ACCOUNTING EXEC CISCO SECURE ACCESS CONTROL SYSTEM PASSWORD#
The tacacs-server command provides the IP address of the TACACS+ server and the key. The following commands configure parameters for authorization and accounting by using the TACACS+ server. The second command configures the router to use the TACACS+ server for authentication. The following are configurations that use TACACS+ and RADIUS.Įxample 12-3 shows AAA with TACACS+. This guide does not cover every AAA configuration option. Authentication, authorization, and accounting are configured with the following commands: After AAA is enabled, security protocol parameters (TACACS/RADIUS) can be configured.
AAA ConfigurationĪAA is enabled with the command aaa new-model.
#AAA ACCOUNTING EXEC CISCO SECURE ACCESS CONTROL SYSTEM SOFTWARE#
The Cisco Secure ACS server software can act as a RADIUS or TACACS+ server. AAA is the means through which you establish communication between the router and the RADIUS, TACACS+, or Kerberos security server. AAA uses protocols such as RADIUS, TACACS+, and Kerberos to administer its security functions. Examples of parameters that are stored in the accounting server are device failed and successful login attempts, commands used, and time and date of event.ĪAA router commands provide additional security over exec and enable level passwords. It also tracks the amount of network resources (bytes) used. For example, a user might be given exec router privileges but denied access to enable mode.Īccounting tracks users and stores the information in an off-line server.
#AAA ACCOUNTING EXEC CISCO SECURE ACCESS CONTROL SYSTEM PASSWORD#
Authentication can include login and password dialogs, challenge and response, and encryption.Īuthorization specifies the level of access that the user can have on the system. Accounting-When was the device accessed, by whom, and what commands were used?Īuthentication allows the identification of the user that is accessing the device.Authorization-What resources can be accessed?.AAA (triple A) provides a modular framework for configuring three security functions.
0 kommentar(er)
