Configuring Aaa; About Aaa; Aaa Security Services - Cisco Nexus 9000 Series Configuration Manual

Configuring AAA

This chapter describes how to configure authentication, authorization, and accounting (AAA) on Cisco NX-OS
devices.
This chapter includes the following sections:
•
•
•
•
•
•
•
•
•
•
•
•

About AAA

This section includes information about AAA on Cisco NX-OS devices.

AAA Security Services

The AAA feature allows you to verify the identity of, grant access to, and track the actions of users managing
a Cisco NX-OS device. Cisco NX-OS devices support Remote Access Dial-In User Service (RADIUS) or
Terminal Access Controller Access Control System Plus (TACACS+) protocols.
Based on the user ID and password combination that you provide, Cisco NX-OS devices perform local
authentication or authorization using the local database or remote authentication or authorization using one
or more AAA servers. A preshared secret key provides security for communication between the Cisco NX-OS
device and AAA servers. You can configure a common secret key for all AAA servers or for only a specific
AAA server.
AAA security provides the following services:
About AAA, on page 9
Licensing Requirements for AAA, on page 13
Prerequisites for AAA, on page 14
Guidelines and Limitations for AAA, on page 14
Default Settings for AAA, on page 14
Configuring AAA, on page 15
Monitoring and Clearing the Local AAA Accounting Log , on page 34
Verifying the AAA Configuration, on page 34
Configuration Examples for AAA, on page 35
Configuration Examples for Login Parameters, on page 35
Configuration Examples for the Password Prompt Feature, on page 36
Additional References for AAA, on page 37
Cisco Nexus 9000 Series NX-OS Security Configuration Guide, Release 9.x
3
C H A P T E R
9