Security Examples; Simple Local Security Example; Tacacs+ Security Example For Login, Ppp, And Ara - Cisco AS5300-96VOIP-A Software Configuration Manual

Universal access server

Security Examples

This series of examples shows complete security configuration components of a configuration file
on an access server. Each of these examples shows authentication and authorization.

Simple Local Security Example

This sample configuration uses AAA to configure default authentication using a local security
database on an access server. All lines and interfaces have the default authentication lists applied.
Users aaaa, bbbb, and cccc have been assigned privilege level 7, which prevents them from issuing
the ppp, arap, and slip commands, because these commands have been assigned to privilege level 8.

aaa new-model
aaa authentication login default local
aaa authentication arap default local
aaa authentication ppp default local
aaa authorization exec local
aaa authorization network local
aaa authorization
!
username aaaa privilege exec level 7 privilege network level 8 password 7 095E470B1110
username bbbb privilege network level 7 password 7 0215055500070C294D
username cccc privilege network level 7 password 7 095E4F10140A1916
!
privilege exec level 8 ppp
privilege exec level 8 arap
privilege exec level 8 slip
line console 0
 login authentication default
!
line 1 48
 arap authentication default
!
interface Group-Async1
 ppp authentication chap default
 group-range 1 48

With this configuration, the sign-on dialog from a remote PC appears as follows:

atdt5551234
CONNECT 14400/ARQ/V32/LAPM/V42BIS
User Access Verification
Username: aaaa
Password: <password>
5300> enable
Password: <password>
5300#

TACACS+ Security Example for Login, PPP, and ARA

The following example shows how to create and apply authentication lists:

A TACACS+ server named maui is polled for authentication information (so you do not need to
define a local username database). The shared key between the access server and the TACACS+
security server is shepard4.

A login authentication list named rtp2-office is created, then applied to the console port.
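
An added example (not from the Cisco manual): a Python audit of the Simple Local Security Example on this page that checks the stated claim that users aaaa, bbbb, and cccc cannot reach the commands moved to privilege level 8, and flags `password 7` entries, which use a reversible encoding rather than a hash. It assumes that a user with no privilege keyword for a mode has the IOS default level 1; the function names are hypothetical.

```python
import re

# Constructed sample: the username and privilege lines of the local-security
# configuration shown on this page.
SAMPLE_CONFIG = """\
username aaaa privilege exec level 7 privilege network level 8 password 7 095E470B1110
username bbbb privilege network level 7 password 7 0215055500070C294D
username cccc privilege network level 7 password 7 095E4F10140A1916
privilege exec level 8 ppp
privilege exec level 8 arap
privilege exec level 8 slip
"""

USER_RE = re.compile(r"^username (\S+) (.*)$")
LEVEL_RE = re.compile(r"privilege (\w+) level (\d+)")
CMD_RE = re.compile(r"^privilege (\w+) level (\d+) (.+)$")
PW_RE = re.compile(r"password (\d+) \S+")

def parse(config):
    """Return ({user: {levels, pw_type}}, {(mode, command): required level})."""
    users, commands = {}, {}
    for line in config.splitlines():
        line = line.strip()
        if m := USER_RE.match(line):
            name, rest = m.groups()
            pw = PW_RE.search(rest)
            users[name] = {
                "levels": {mode: int(n) for mode, n in LEVEL_RE.findall(rest)},
                "pw_type": int(pw.group(1)) if pw else None,
            }
        elif m := CMD_RE.match(line):
            mode, level, cmd = m.groups()
            commands[(mode, cmd)] = int(level)
    return users, commands

def audit(config, default_level=1):
    """List (user, finding) pairs; default_level=1 is an assumption (IOS default)."""
    users, commands = parse(config)
    findings = []
    for name, user in sorted(users.items()):
        if user["pw_type"] == 7:  # type 7 is a reversible encoding, not a hash
            findings.append((name, "type-7-password"))
        for (mode, cmd), needed in sorted(commands.items()):
            if user["levels"].get(mode, default_level) >= needed:
                findings.append((name, f"can-run:{cmd}"))
    return findings

if __name__ == "__main__":
    for name, finding in audit(SAMPLE_CONFIG):
        print(f"{name}: {finding}")
```

On the page's configuration the audit reports only the three type 7 passwords, which confirms that none of the listed users can issue ppp, arap, or slip.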