RE: mandatory aaa configs

From: Simon Grace (SimonG@pcsystems.gr)
Date: Thu Oct 11 2007 - 04:06:57 ART

• Next message: Farhan Anwar: "Re: Seat availability"
• Previous message: anthony.sequeira@thomson.com: "RE: New memebr just joined"
• Maybe in reply to: slevin kremera: "mandatory aaa configs"
• Next in thread: subodh.rawat@wipro.com: "RE: mandatory aaa configs"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Ah, I see !

With something like this (no experience in the lab to comment on) but
yep, you are going to have to configure aaa so that you don't lock
yourself out of the router. I know, I did this in my lab :-)

If in doubt quickly check with the proctor, in my view, if you are going
to do something that will lock yourself out then do the commands you
mention, if you aren't doing anything to stuff yourself then keep it
default.

Simon

________________________________

From: slevin kremera [mailto:slevin.kremera@gmail.com]
Sent: Thursday, October 11, 2007 9:58 AM
To: Simon Grace
Cc: Cisco certification
Subject: Re: mandatory aaa configs

i had some doubt with aaa and i was checking out all ht e old mails.One
of it says this....

Joe Mama
to ccielab

show details
     May 30
Hello all,

I believe that I have the right question as it's fairly
straightforward. However, does anyone see a proctor in the CCIE lab
having an issue with the config since the radius is the 3rd one down
on the list. If it was the first one on the list (before the
aaa....locals), would that be more correct? How stringent are the
requirements? I added the local

Lab ?: Configure the default behavior of dot1x authentication to use
Radius as the primary method of authentication.

sw1(config)#dot1x system-auth-control

sw1(config)#aaa new-model
sw1(config)#aaa authentication login LocalCon none
sw1(config)#aaa authentication login LocalVTY none
sw1(config)#aaa authentication dot1x default group radius

sw1(config)#radius-server host 192.168.100.1166 key asdf

sw1(config)#line con 0
sw1(config-line)#login authentication LocalCon
sw1(config-line)#line vty 0 4
sw1(config-line)#login authentication LocalVTY
sw1(config-line)#

Regards,
Joe

On 10/11/07, Simon Grace <SimonG@pcsystems.gr> wrote:

Where did you get this from ?

The one attempt I had there was nothing mentioned about aaa, I should
imagine if it's mentioned then go ahead, but if nothing is mentioned in
any tasks then why would you?

All else fails, ask the proctor, not sure what they are like in other
test sites but the ones in Brussels are fair, if you ask something
that's a bit close to the mark they will ask you to re-phrase, if you
ask something reasonable they will assist you proffesionally.

Cheers,

Simon.

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com ] On Behalf Of
slevin kremera
Sent: Thursday, October 11, 2007 9:40 AM
To: Cisco certification
Subject: mandatory aaa configs

hi all
in the lab is it compulsary to add these lines.are points cut if these
are
not present

aaa authentication login default none
aaa authentication login LOCALCON none
aaa authentication login LOCALVTY none

• Next message: Farhan Anwar: "Re: Seat availability"
• Previous message: anthony.sequeira@thomson.com: "RE: New memebr just joined"
• Maybe in reply to: slevin kremera: "mandatory aaa configs"
• Next in thread: subodh.rawat@wipro.com: "RE: mandatory aaa configs"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Fri Nov 16 2007 - 13:11:13 ART