Notes On AAA

Enabling aaa new model means the switch will try and match all login attempts using a aaa method.

First, define the TACACS or RADIUS server using:

tacacs-server host <IP-address> <optional key value>

There are some other values you can use, but I’ve never had to use these.

Now, give your authentication method a name:

aaa group server tacacs+ <method-name>
 server <IP-address>

Call the method for authenttication

aaa authentication login default group <method-name> group <fallback method name if configured> local

You should now be good to go!

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s