Table of Contents
Advertisement
Administering the WMIC
Command
Step 5
server ip-address
Step 6
end
Step 7
show tacacs
Step 8
copy running-config startup-config
To remove the specified TACACS+ server name or address, use the no tacacs-server host hostname
command in global configuration mode. To remove a server group from the configuration list, use the
no aaa group server tacacs+ group-name command in global configuration mode. To remove the IP
address of a TACACS+ server, use the no server ip-address server group subconfiguration command.
Configuring TACACS+ Login Authentication
To configure AAA authentication, define a named list of authentication methods, and then apply that list
to various interfaces. The method list defines the types of authentication to be performed and the
sequence in which they are performed; the method must be applied to a specific interface before any of
the defined authentication methods can be performed. The only exception is the default method list
(which is named default). The default method list is automatically applied to all interfaces except those
for which a named method list is explicitly defined. A defined method list overrides the default method
list.
A method list describes the sequence and authentication methods to be queried to authenticate an
administrator. You can designate one or more security protocols to be used for authentication, to ensure
a backup system for authentication if the initial method fails. The software uses the first method listed
to authenticate users; if that method fails to respond, the software selects the next authentication method
in the method list. This process continues until there is successful communication with a listed
authentication method or until all defined methods are exhausted. If authentication fails at any point in
this cycle—that is, if the security server or local username database responds by denying the
administrator access—the authentication process stops, and no further authentication methods are
attempted.
To configure login authentication, follow these required steps, beginning in privileged EXEC mode:
Command
Step 1
configure terminal
Step 2
aaa new-model
Purpose
(Optional) Associate a particular TACACS+ server with the defined server
group. Repeat this step for each TACACS+ server in the AAA server
group.
Each server in the group must be previously defined in Step 2.
Returns to privileged EXEC mode.
Verifies your entries.
(Optional) Saves your entries in the configuration file.
Purpose
Enters global configuration mode.
Enables AAA.
Cisco 3200 Series Wireless MIC Software Configuration Guide
Controlling WMIC Access with TACACS+
35
Hide quick links:
Advertisement
Table of Contents
