Scribd
Upload
25 views1 page

Debugging AAA Authentication

CCNA

Uploaded by

erojas
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
25 views1 page

Debugging AAA Authentication

CCNA

Uploaded by

erojas
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 1

Configure router R1 using the following instructions:

Configure a JR-ADMIN account with a type 9 (scrypt) encrypted password


Str0ngpa55w0rd and an ADMIN account with a type 9 encrypted password
Str0ng5rPa55w0rd.
Enable AAA on the router.
Configure the default authentication list with a primary method as local case-
sensitive login with the enable secret as backup.
Configure a second authentication list named SSH-LOGIN that has only one method,
local case-sensitive login.
Configure accounts to be locked out after a maximum of 3 unsuccessful attempts.
Apply the SSH-LOGIN list to the virtual terminal lines.
Use the end command to exit configuration mode.
Use the show command to view the current AAA sessions on R1.
R1(config)# username JR-ADMIN algorithm-type scrypt secret Str0ngPa55w0rd
R1(config)# username ADMIN algorithm-type scrypt secret Str0ng5rPa55w0rd
R1(config)# aaa new-model
R1(config)# aaa authentication login default local-case enable
R1(config)# aaa authentication login SSH-LOGIN local-case
R1(config)# aaa local authentication attempts max-fail 3
R1(config)# line vty 0 4
R1(config-line)# login authentication SSH-LOGIN
R1(config-line)# end
R1# show aaa sessions
Total sessions since last reload: 8
Session Id: 7
Unique Id: 20
User Name: ADMIN
IP Address: 192.168.1.3
Idle Time: 0
CT Call Handle: 0
Use the debug command to view AAA authentication messages.
R1# debug aaa authentication
AAA authentication debugging is on
R1#
*Mar 2 23:50:21.107: AAA: parse name=tty0 idb type=-1 tty=-1
*Mar 2 23:50:21.107: AAA: name=tty0 flags=0x11 type=4 shelf=0 slot=0 adapter=0
port=0 channel=0
*Mar 2 23:50:21.107: AAA/MEMORY: create_user (0x313B9460) user='ADMIN'
ruser='NULL' ds0=0 port='tty0' rem_addr='async' authen_type=ASCII service=ENABLE
priv=15 initial_task_id='0', vrf= (id=0)
*Mar 2 23:50:21.107: AAA/AUTHEN/START (3217833468): port='tty0' list=''
action=LOGIN service=ENABLE
*Mar 2 23:50:21.107: AAA/AUTHEN/START (3217833468): console enable - default to
enable password (if any)
*Mar 2 23:50:21.107: AAA/AUTHEN/START (3217833468): Method=ENABLE
*Mar 2 23:50:21.107: AAA/AUTHEN (3217833468): status = GETPASS
*Mar 2 23:50:28.075: AAA/AUTHEN/CONT (3217833468): continue_login (user='(undef)')
*Mar 2 23:50:28.075: AAA/AUTHEN (3217833468): status = GETPASS
*Mar 2 23:50:28.075: AAA/AUTHEN/CONT (3217833468): Method=ENABLE
*Mar 2 23:50:28.303: AAA/AUTHEN (3217833468): status = PASS
*Mar 2 23:50:28.303: AAA/MEMORY: free_user (0x313B9460) user='NULL' ruser='NULL'
port='tty0' rem_addr='async' authen_type=ASCII service=ENABLE priv=15 vrf= (id=0)
You successfully configured and verified local AAA authentication.

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy