Scribd
Upload
3 views2 pages

AAA Lab Steps With Commands

The document outlines the steps to configure local AAA authentication for console and vty access on routers R1, R2, and R3. It includes setting up usernames, enabling AAA, and verifying authentication methods for console access using local credentials, TACACS+, and RADIUS. Each part details specific commands and configurations required for each router to ensure secure access management.

Uploaded by

octaman246
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
3 views2 pages

AAA Lab Steps With Commands

The document outlines the steps to configure local AAA authentication for console and vty access on routers R1, R2, and R3. It includes setting up usernames, enabling AAA, and verifying authentication methods for console access using local credentials, TACACS+, and RADIUS. Each part details specific commands and configurations required for each router to ensure secure access management.

Uploaded by

octaman246
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 2

Part 1: Configure Local AAA Authentication for Console Access on R1

Step 1 --> Configure a local username on R1:


R1(config)# username Admin1 secret admin1pa55
Step 2 --> Configure local AAA authentication for console access on R1:
R1(config)# aaa new-model
R1(config)# aaa authentication login default local

Step 3 --> Configure the line console to use the defined AAA authentication
method:
R1(config)# line console 0
R1(config-line)# login authentication default
Step 4 --> Verify the AAA authentication method:
Username: Admin1
Password: admin1pa55
R1>

Part 2 : Configure Local AAA Authentication for vty Lines on R1

Step 1 --> Configure domain name and crypto key for use with SSH:
R1(config)# ip domain-name ccnp_v8.com
R1(config)# crypto key generate rsa .. 1024 Bits
Step 2 --> Configure a named list AAA authentication method for the vty lines on
R1:
R1(config)# aaa authentication login SSH-LOGIN local
Step 3 --> Configure the vty lines to use the defined AAA authentication method:
R1(config)# line vty 0 4
R1(config-line)# transport input ssh
R1(config-line)# login authentication SSH-LOGIN
R1(config-line)# end
Step 4 --> Verify the AAA authentication method:
PC> ssh -l Admin1 192.168.1.1
Open
Password: admin1pa55

Part 3 : Configure Server-Based AAA Authentication Using TACACS+ on R2

Step 1 --> Configure a backup local database entry called Admin:


R2(config)# username Admin2 secret admin2pa55
Step 2 --> Verify the TACACS+ Server configuration.
Click the TACACS+ Server. On the Services tab, click AAA.
Notice that there is a Network configuration entry for R2 and a User
Setup entry for Admin2.
Step 3 --> Configure the TACACS+ server specifics on R2:
R2(config)# tacacs-server host 192.168.2.2
R2(config)# tacacs-server key tacacspa55
Step 4 --> Configure AAA login authentication for console access on R2:
R2(config)# aaa new-model
R2(config)# aaa authentication login default group tacacs+ local
Step 5 --> Configure the line console to use the defined AAA authentication
method.
R2(config)# line console 0
R2(config-line)# login authentication default
Step 6 --> Verify the AAA authentication method.
Username: Admin2
Password: admin2pa55
R2>
Part 4 : Configure Server-Based AAA Authentication Using RADIUS on R3

Step 1 --> Configure a backup local database entry called Admin:


R3(config)# username Admin3 secret admin3pa55
Step 2 --> Verify the RADIUS Server configuration.
Click the RADIUS Server. On the Services tab, click AAA.
Notice that there is a Network configuration entry for R3 and a
User Setup entry for Admin3.
Step 3 --> Configure the RADIUS server specifics on R3:
R3(config)# radius-server host 192.168.3.2
R3(config)# radius-server key radiuspa55
Step 4 --> Configure AAA login authentication for console access on R3:
R3(config)# aaa new-model
R3(config)# aaa authentication login default group radius local
Step 5 --> Configure the line console to use the defined AAA authentication
method:
R3(config)# line console 0
R3(config-line)# login authentication default
Step 6 --> Verify the AAA authentication method:
Username: Admin3
Password: admin3pa55
R3>

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy