AAA trouble....

From: Modular (modulartx@gmail.com)
Date: Sat Feb 21 2009 - 02:19:10 ARST

• Next message: Nadeem Ansari: "Re: access-group Vs multicast boundary in this case"
• Previous message: S Malik: "Re: BGP conditional advertise not working."
• Next in thread: Edouard Zorrilla: "Re: AAA trouble...."
• Maybe reply: Edouard Zorrilla: "Re: AAA trouble...."
• Maybe reply: Edouard Zorrilla: "Re: AAA trouble...."
• Maybe reply: Jeff Andiorio: "Re: AAA trouble...."
• Maybe reply: Sadiq Yakasai: "Re: AAA trouble...."
• Maybe reply: Edouard Zorrilla: "Re: AAA trouble...."
• Maybe reply: NET HE: "RE: AAA trouble...."
• Maybe reply: Edouard Zorrilla: "Re: AAA trouble...."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I'm confused about a AAA configuration in the practice lab that I'm working
on. The requirement is that someone should be able to log in using the
username of cisco and password. For any other user, they should be able to
login using the password CCIE.

The proctor guide has the following:

aaa new-model

aaa authentication login VTY local line

line vty 0 4

 login authentication VTY

 password CCIE

So. I thought that the way using multiple "methods" was supposed to work
was that if the first method listed was tried and an "error" is received,
(not a fail, but an error), then the second method would be used.

I set it up and it does work. If I use the username cisco I can only use the
password cisco to gain access. But, if I use any other username I can access
the router using the password of CCIE. How is this working? Is the router
returning an "error" because the username I use is not set up on the router?
If you're using RADIUS and the username you try is not configured on the
RADIUS server does the RADIUS server return an "error" or a "fail"??

Thanks,

Mod

Blogs and organic groups at http://www.ccie.net

• Next message: Nadeem Ansari: "Re: access-group Vs multicast boundary in this case"
• Previous message: S Malik: "Re: BGP conditional advertise not working."
• Next in thread: Edouard Zorrilla: "Re: AAA trouble...."
• Maybe reply: Edouard Zorrilla: "Re: AAA trouble...."
• Maybe reply: Edouard Zorrilla: "Re: AAA trouble...."
• Maybe reply: Jeff Andiorio: "Re: AAA trouble...."
• Maybe reply: Sadiq Yakasai: "Re: AAA trouble...."
• Maybe reply: Edouard Zorrilla: "Re: AAA trouble...."
• Maybe reply: NET HE: "RE: AAA trouble...."
• Maybe reply: Edouard Zorrilla: "Re: AAA trouble...."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Mar 01 2009 - 09:44:12 ARST