Specifying The Authorization Method; Specifying Authorization Parameters On A Tacacs+ Server; Authorization Examples - Cisco AS5300-96VOIP-A Software Configuration Manual

Universal access server

Configuring Authorization

Specifying the Authorization Method

Authorization methods are defined as optional keywords in the aaa authorization command. You
can specify any of the authorization methods listed in Table 4-8 for both network and EXEC
authorization.

Table 4-8    AAA Authorization Method

Method              Description
if-authenticated    User is authorized if already authenticated.
none                Authorization always succeeds.
local               Uses the local database for authorization. The local database is created using the username privilege command to assign users to a privilege level from 0 to 15 and the privilege level command to assign commands to these different levels.
radius              Uses RADIUS authorization as defined on a RADIUS server.
tacacs+             Uses TACACS+ authorization as defined on a TACACS+ server.

Specifying Authorization Parameters on a TACACS+ Server

When you configure authorization, you must ensure that the parameters established on the access
server correspond with those set on the TACACS+ server.

Authorization Examples

The following example uses a TACACS+ server to authorize the use of network services, including
PPP and ARA. If the TACACS+ server is not available or has no information about a user, no
authorization is performed and the user can use all network services:

5300(config)# aaa authorization network tacacs+ none

The following example permits the user to run the EXEC process if the user is already authenticated.
If the user is not already authenticated, the Cisco IOS software defers to a RADIUS server for
authorization information:

5300(config)# aaa authorization exec if-authenticated radius

The following example configures network authorization. If the TACACS+ server does not respond
or has no information about the username being authorized, the RADIUS server is polled for
authorization information for the user. If the RADIUS server does not respond, the user still can
access all network resources without authorization requirements:

5300(config)# aaa authorization network tacacs+ radius none

Cisco AS5300 Universal Access Server Software Configuration Guide
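
The sketch below is an added example, not part of the Cisco manual. It audits the three example commands above for method lists that end up deciding with none once every AAA server is unreachable. The function names (parse, deciding_method, audit) are hypothetical, and the fallback order is modelled only as the examples above describe it.

```python
import re

# Methods from Table 4-8 of the page.
METHODS = {"if-authenticated", "none", "local", "radius", "tacacs+"}
LINE_RE = re.compile(r"aaa authorization (network|exec)\s+(.+)$")

def parse(line):
    """Return (service, [methods]) for an 'aaa authorization' line, else None."""
    m = LINE_RE.search(line.strip())
    if not m:
        return None
    methods = m.group(2).split()
    unknown = [x for x in methods if x not in METHODS]
    if unknown:
        raise ValueError(f"unknown method(s): {unknown}")
    return m.group(1), methods

def deciding_method(methods, unavailable=(), authenticated=True):
    """Walk the list in order (assumed model, taken from the page's examples):
    a server method that does not respond is skipped and the next one is tried."""
    for method in methods:
        if method in ("tacacs+", "radius") and method in unavailable:
            continue
        if method == "if-authenticated" and not authenticated:
            continue
        return method
    return None  # list exhausted: no method could authorize

def audit(config_text):
    """Flag lists where losing every AAA server leaves 'none' deciding."""
    findings = []
    for line in config_text.splitlines():
        parsed = parse(line)
        if parsed is None:
            continue
        service, methods = parsed
        if deciding_method(methods, unavailable={"tacacs+", "radius"}) == "none":
            findings.append((service, methods, "fail-open when servers are down"))
    return findings

# Constructed sample: the three command lines from the examples above.
SAMPLE = """\
5300(config)# aaa authorization network tacacs+ none
5300(config)# aaa authorization exec if-authenticated radius
5300(config)# aaa authorization network tacacs+ radius none
"""

if __name__ == "__main__":
    for service, methods, why in audit(SAMPLE):
        print(service, " ".join(methods), "->", why)
```

Both network lists are reported because none is the last method reached; the exec list is not, since it has no none fallback.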
