Table of Contents
Advertisement
Controlling WMIC Access with TACACS+
Command
Step 3
aaa authentication login {default |
list-name} method1 [method2...]
Step 4
line [console | tty | vty] line-number
[ending-line-number]
Step 5
login authentication {default |
list-name}
Step 6
end
Step 7
show running-config
Step 8
copy running-config startup-config
To disable AAA, use the no aaa new-model command in global configuration mode. To disable AAA
authentication, use the no aaa authentication login {default | list-name} method1 [method2...]
command in global configuration mode. To either disable TACACS+ authentication for logins or to
return to the default value, use the no login authentication {default | list-name} command in line
configuration mode.
Configuring TACACS+ Authorization for Privileged EXEC Access and Network
Services
AAA authorization limits the services that are available to a user. When AAA authorization is enabled,
the WMIC uses information retrieved from the user's profile, which is located either in the local user
database or on the security server, to configure the user's session. The user is granted access to a
requested service only if the information in the user profile allows it.
You can use the aaa authorization command in global configuration mode with the tacacs+ keyword
to set parameters that restrict a user's network access to privileged EXEC mode.
Cisco 3200 Series Wireless MIC Software Configuration Guide
36
Purpose
Create a login authentication method list.
To create a default list that is used when a named list is not specified
•
in the login authentication command, use the default keyword
followed by the methods that are to be used in default situations. The
default method list is automatically applied to all interfaces.
For list-name, specify a character string as the name the list you are
•
creating.
•
For method1..., specify the actual method that the authentication
algorithm tries. The additional methods of authentication are used
only if the previous method returns an error, not if it fails.
Select one of these methods:
local—Use the local username database for authentication. You must
•
enter username information into the database. Use the username
password global configuration command.
tacacs+—Use TACACS+ authentication. You must configure the
•
TACACS+ server before you can use this authentication method.
Enters line configuration mode, and configure the lines to which you want
to apply the authentication list.
Apply the authentication list to a line or a set of lines.
•
If you specify default, use the default list created with the aaa
authentication login command.
For list-name, specify the list created with the aaa authentication
•
login command.
Returns to privileged EXEC mode.
Verifies your entries.
(Optional) Saves your entries in the configuration file.
Administering the WMIC
Hide quick links:
Advertisement
Table of Contents
