Configuring Local Aaa Security - Cisco AS5350 - Universal Access Server Configuration Manual

Universal gateway software configuration guide

Hide thumbs Also See for AS5350 - Universal Access Server:

Installation manual (102 pages)

Quick start manual (65 pages)

Quick reference manual (38 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

241

242

243

244

245

246

247

248

249

250

251

252

253

254

255

256

257

258

259

260

261

262

Table of Contents

Configuring Local AAA Security

•

Configuring Local AAA Security

Configure authentication, authorization, and accounting (AAA) to perform login authentication by using

the local username database. The login keyword authenticates EXEC shell users. Additionally, configure

PPP authentication to use the local database if the session was not already authenticated by login.

AAA (called triple A) is the Cisco IOS security model used on all Cisco devices. AAA provides the

primary framework through which you set up access control on the Cisco AS5350 or Cisco AS5400.

The same authentication method is used on all interfaces. AAA is set up to use the local database

configured on the gateway. This local database is created with the username configuration commands.

Step 1

Create a local login username database in global configuration mode. In this example, the administrator's

username is admin. The remote client's login username is Harry.

AS5400(config)# username admin password adminpasshere

AS5400(config)# username Harry password Harrypasshere

This step also prevents you from getting locked out of the gateway. If you get locked out, you must reboot

Caution

the device and perform password recovery.

Configure local AAA security in global configuration mode. You must enter the aaa new-model

Step 2

command before the other two authentication commands.

AS5400(config)# aaa new-model

AS5400(config)# aaa authentication login default local

AS5400(config)# aaa authentication ppp default if-needed local

Table 3-1

Command

AS5400(config)# aaa new-model

Cisco AS5350 and Cisco AS5400 Universal Gateway Software Configuration Guide

3-4

Exit global configuration mode and attempt to login using the new enable secret password. The

show privilege command shows the current security privilege level.

AS5400# exit

AS5400 con0 is now available

Press RETURN to get started.

AS5400> enable

Password:

AS5400# show privilege

Current privilege level is 15

AS5400#

explains the previous configuration example.

Local AAA Commands

Chapter 3

Basic Configuration Using the Command-Line Interface

Purpose

Initiates the AAA access control system. This

command immediately locks down login and PPP

authentication.

OL-3418-02 B0

Table of Contents

Show Quick Links

Hide quick links:

Table of Contents

Troubleshooting

This manual is also suitable for:

As5400

Configuring Local Aaa Security - Cisco AS5350 - Universal Access Server Configuration Manual

Configuring Local AAA Security

Hide quick links:

Troubleshooting

Related Manuals for Cisco AS5350 - Universal Access Server

Related Content for Cisco AS5350 - Universal Access Server

This manual is also suitable for:

Table of Contents