IEWB-SEC Lab1:8.3 AAA Configuration

From: Dusty (dustygoody@gmail.com)
Date: Sun Aug 20 2006 - 19:18:34 ART

• Next message: James Pickering: "RE: CCIE via Remote LAB"
• Previous message: sameer inam: "RE: Voice vlan"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi group,

The question ask for accounting for the priv-lvl 5 commands using aaa
server.

Solution only provide configuration for aaa but not for under vty line.

Do I really need the accounting under vty line such as below?
line vty 0 4
accouning commands 5 LOCAL_AUTH

Here is the config from solution:

aaa new-model
aaa authentication login LOCAL_AUTH local-case
aaa authorization exec default group tacacs+
aaa authorization commands 5 default local
aaa accounting commands 5 default start-stop group tacacs+
!
privilege exec level 5 clear line
privilege exec level 5 clear counters
!
username NOC secret CISCO
!
tacacs-server host 10.0.0.100
tacacs-server key CISCO
ip tacacs source-interface loopback 0
!
line vty 0 4
login authentication LOCAL_AUTH

Thanks,

Dusty

• Next message: James Pickering: "RE: CCIE via Remote LAB"
• Previous message: sameer inam: "RE: Voice vlan"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Fri Sep 01 2006 - 15:41:57 ART