AAA Authentication.......................................................................................................................................................698
Obscuring Passwords and Keys................................................................................................................................... 702
AAA Authorization......................................................................................................................................................... 702
Privilege Levels Overview....................................................................................................................................... 702
RADIUS............................................................................................................................................................................707
RADIUS Authentication........................................................................................................................................... 707
TACACS+.........................................................................................................................................................................712
TACACS+ Remote Authentication......................................................................................................................... 713
Command Authorization..........................................................................................................................................715
Enabling SCP and SSH.................................................................................................................................................. 715
Secure Shell Authentication................................................................................................................................... 720
Troubleshooting SSH............................................................................................................................................... 723
Telnet............................................................................................................................................................................... 723
VTY MAC-SA Filter Support.................................................................................................................................. 725
Role-Based Access Control.......................................................................................................................................... 725
Overview of RBAC...................................................................................................................................................726
User Roles.................................................................................................................................................................728
Role Accounting....................................................................................................................................................... 734
Two Factor Authentication (2FA)................................................................................................................................ 736
SMS-OTP Mechanism.............................................................................................................................................737
45 Service Provider Bridging........................................................................................................................ 739
VLAN Stacking............................................................................................................................................................... 739
Important Points to Remember..............................................................................................................................740
Contents
23