Configuring Authentication; Securing Access To Privileged Exec And Configuration Mode - Cisco AS5300-96VOIP-A Software Configuration Manual

Configuring Authentication

You can use the AAA facility to authenticate users with either a local or a remote security database.
Whether you maintain a local or remote security database, or use TACACS+ or RADIUS
authentication and authorization, the process of configuring the access server for these different
databases and protocols is similar. The basic process of configuring the Cisco IOS software for
authentication requires the following tasks:
1. Securing Access to Privileged EXEC and Configuration Mode
2. Communicating Between the Access Server and the Security Server
3. Configuring Authentication on a TACACS+ Server
4. Enabling AAA Globally on the Access Server
5. Defining Authentication Method Lists
   — Enter the aaa authentication Command
   — Specify Protocol or Login Authentication
   — Identify a List Name
   — Specify the Authentication Method
   — Populate the Local Username Database if Necessary
6. Applying Authentication Method Lists

Securing Access to Privileged EXEC and Configuration Mode

The first step to configuring authentication is to secure access to privileged EXEC (also called
enable) mode. Enable mode provides access to configuration mode, which enables any type of
configuration change to the access server. To secure Privileged EXEC mode, use one of the
commands listed in Table 4-1.

Table 4-1 Privileged EXEC Mode Commands

Command: enable password password
Description: Requires that network administrators enter a password to access enable mode.
Do not provide access to users who are not administrators.

Command: enable secret password
Description: Specifies a secret password that is encrypted, so that the password cannot be
read when crossing a network. After you enter this command, the encryption
cannot be reversed. The encrypted version of the password appears in output
of the show running-config and show startup-config commands. The enable
secret password has precedence over the enable password. Do not enter the
same password as the enable password. If the two passwords are the same, the
enable secret password is not a secret, because the enable password is not
encrypted and appears in output of show running-config and show
startup-config commands.

For more information about the enable password and enable secret commands and their complete
syntax, refer to the Security Command Reference, available online at
http://www.cisco.com/univercd/cc/td/doc/product/software/ios113ed/113ed_cr/secur_c/

Cisco AS5300 Universal Access Server Software Configuration Guide
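
The warning in Table 4-1 about reusing the enable password as the enable secret can be checked against a saved configuration. The following Python audit is an added example, not part of the Cisco guide: it assumes the enable secret is stored as a type 5 MD5-crypt string ($1$salt$hash), and the function names, finding labels, hostname, passwords and salts are constructed for illustration.

```python
import hashlib
import re

B64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"

def md5crypt(pw: bytes, salt: bytes) -> str:
    """MD5-crypt ($1$salt$hash), assumed here to be the 'enable secret 5' format."""
    alt = hashlib.md5(pw + salt + pw).digest()
    buf = pw + b"$1$" + salt
    buf += b"".join(alt[:min(16, n)] for n in range(len(pw), 0, -16))
    n = len(pw)
    while n:                                  # one byte per bit of len(pw)
        buf += b"\0" if n & 1 else pw[:1]
        n >>= 1
    h = hashlib.md5(buf).digest()
    for i in range(1000):                     # fixed 1000-round stretch
        r = (pw if i & 1 else h) + (salt if i % 3 else b"") + (pw if i % 7 else b"")
        h = hashlib.md5(r + (h if i & 1 else pw)).digest()
    out = ""
    for a, b, c in ((0, 6, 12), (1, 7, 13), (2, 8, 14), (3, 9, 15), (4, 10, 5)):
        v = h[a] << 16 | h[b] << 8 | h[c]
        out += "".join(B64[v >> s & 63] for s in (0, 6, 12, 18))
    out += B64[h[11] & 63] + B64[h[11] >> 6]
    return "$1$" + salt.decode() + "$" + out

def audit_enable(config: str) -> list:
    """Return findings for the enable password / enable secret lines of a config."""
    pw = re.search(r"^enable password (.+)$", config, re.M)
    sec = re.search(r"^enable secret 5 (\$1\$([^$]+)\$\S+)$", config, re.M)
    findings = []
    if pw:                                    # shown by show running-config
        findings.append("enable-password-readable-in-config")
    if not sec:
        findings.append("no-enable-secret")
    # Compare only when the enable password line holds a plain (type 0) value.
    clear = re.fullmatch(r"(?:0 )?(\S+)", pw.group(1).strip()) if pw else None
    if clear and sec and md5crypt(clear.group(1).encode(), sec.group(2).encode()) == sec.group(1):
        findings.append("enable-secret-same-as-enable-password")
    return findings

# Constructed sample configurations (hypothetical hostname, passwords and salts).
REUSED = ("hostname as5300\nenable password Example-Pw1\nenable secret 5 "
          + md5crypt(b"Example-Pw1", b"aB3d"))
DISTINCT = "hostname as5300\nenable secret 5 " + md5crypt(b"Other-Pw2", b"Zx9q")

if __name__ == "__main__":
    print(audit_enable(REUSED))
    print(audit_enable(DISTINCT))
```

Run it against the output of show running-config saved to a file; a configuration with only an enable secret returns no findings.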
