Section 8.0: Advanced Security
8.1. Password Protection
Configure service password-encryption on all the routers to encrypt the enable password; otherwise, they will appear in clear text in the configuration.
8.2. EXEC Authentication
Configure enable secret on R2.
Configure authentication for shell EXEC without using the AAA engine using the enable use-tacacs command. Note that this is not TACACS+ but TACACS server (without the +). CiscoSecure ACS is not a TACACS server but TACACS+ only.
Configure fallback to pass authentication in the event the TACACS server is down or not found using enable last-resort succeed.
8.3. Access Control
In this case, you can configure autocommand for a user to Telnet to the router. autocommand will execute the required ...
Get CCIE Security Practice Labs now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.