Section 7.0: AAA

7.1. AAA on the Router

  1. Configure R4 vty and console authentication using the local database. AAA server is not used for any authentication or authorization process.

  2. Configure separate VTY and Console line passwords as per the requirement.

  3. For usernames to be case-sensitive, configure login authentication for local-case. See Example 3-29.

  4. Configure command authorization with privilege levels as per the exercise. You don't need to configure privilege shell exec for Level 11, as it inherits from Level 5.

  5. Configure Accounting for Commands to AAA server. Define the TACACS+ server. See Example 3-29.

Example 3-29. AAA Configuration on R4
						!Snip from R4 config ! hostname r4 ! logging rate-limit console 10 except errors aaa new-model aaa ...

Get CCIE Security Practice Labs now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial