Specifying Switch User Roles And Smnpv3 Parameters On Aaa Servers; Displaying And Clearing The Local Aaa Accounting Log; Verifying Aaa Configuration - Cisco Nexus 5000 Series Configuration Manual

Nx-os security configuration guide

Hide thumbs Also See for Nexus 5000 Series:

Cli configuration manual (660 pages)

Configuration manual (334 pages)

Command reference manual (196 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

page of 108

/ 108
Contents
Table of Contents
Bookmarks

Table of Contents

Configuring Authentication, Authorization, and Accounting

Specifying Switch User Roles and SMNPv3 Parameters on AAA Servers

You can use the VSA cisco-av-pair on AAA servers to specify user role mapping for the Cisco Nexus 5000

Series switch using this format:

shell:roles="roleA roleB ..."

If you do not specify the role option in the cisco-av-pair attribute, the default user role is network-operator.

You can also specify your SNMPv3 authentication and privacy protocol attributes as follows:

shell:roles="roleA roleB..." snmpv3:auth=SHA priv=AES-128

The SNMPv3 authentication protocol options are SHA and MD5. The privacy protocol options are AES-128

and DES. If you do not specify these options in the cisco-av-pair attribute, MD5 and DES are the default

authentication protocols.

For additional information, see the Configuring User Accounts and RBAC chapter in the Cisco Nexus 5000

Series NX-OS System Management Configuration Guide.

Displaying and Clearing the Local AAA Accounting Log

The Cisco Nexus 5000 Series switch maintains a local log for the AAA accounting activity. To display this

log and clear it, perform this task:

SUMMARY STEPS

1. switch# show accounting log [size] [start-time year month day hh : mm : ss]

2. (Optional) switch# clear accounting log

DETAILED STEPS

Command or Action

Step 1

switch# show accounting log [size]

[start-time year month day hh : mm : ss]

Step 2

switch# clear accounting log

Verifying AAA Configuration

To display AAA configuration information, perform one of the following tasks:

OL-20919-01

Specifying Switch User Roles and SMNPv3 Parameters on AAA Servers

Purpose

Displays the accounting log contents. By default, the command output

contains up to 250,000 bytes of the accounting log. You can use the size

argument to limit command output. The range is from 0 to 250000 bytes.

You can also specify a start time for the log output.

(Optional)

Clears the accounting log contents.

Cisco Nexus 5000 Series NX-OS Security Configuration Guide

Table of Contents

Specifying Switch User Roles And Smnpv3 Parameters On Aaa Servers; Displaying And Clearing The Local Aaa Accounting Log; Verifying Aaa Configuration - Cisco Nexus 5000 Series Configuration Manual

Specifying Switch User Roles and SMNPv3 Parameters on AAA Servers

Displaying and Clearing the Local AAA Accounting Log

Verifying AAA Configuration

Related Manuals for Cisco Nexus 5000 Series

Related Content for Cisco Nexus 5000 Series

Table of Contents