Notes On AAA

Enabling aaa new model means the switch will try and match all login attempts using a aaa method.

First, define the TACACS or RADIUS server using:

tacacs-server host <IP-address> <optional key value>

There are some other values you can use, but I’ve never had to use these.

Now, give your authentication method a name:

aaa group server tacacs+ <method-name>
 server <IP-address>

Call the method for authenttication

aaa authentication login default group <method-name> group <fallback method name if configured> local

You should now be good to go!


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s