Name: Cisco 2921
Brand: Cisco
Rating: 4 (1 reviews)

To Next Page

To Previous Page

313

Cisco 3900 Series, Cisco 2900 Series, and Cisco 1900 Series Integrated Services Routers Generation 2 Software Configuration Guide

Chapter Administering the Wireless Device

Controlling Access Point Access with TACACS+

Configuring TACACS+ Authorization for Privileged EXEC Access and Network

Services

AAA authorization limits the services available to a user. When AAA authorization is enabled, the

wireless device uses information retrieved from the user profile, which is located either in the local user

database or on the security server, to configure the user session. The user is granted access to a requested

service only if the information in the user profile allows it.

You can use the aaa authorization command in global configuration mode with the tacacs+ keyword

to set parameters that restrict a user network access to privileged EXEC mode.

The aaa authorization exec tacacs+ local command sets these authorization parameters:

• Use TACACS+ for privileged EXEC access authorization if authentication was performed by using

TACACS+.

• Use the local database if authentication was not performed by using TACACS+.

Note Authorization is bypassed for authenticated users who log in through the CLI even if authorization has

been configured.

To specify TACACS+ authorization for privileged EXEC access and network services, follow these

steps, beginning in privileged EXEC mode.

SUMMARY STEPS

1. configure terminal

2. aaa authorization network tacacs+

3. aaa authorization exec tacacs+

4. end

5. show running-config

6. copy running-config startup-config

DETAILED STEPS

Command Purpose

Step 1

configure terminal Enters global configuration mode.

Step 2

aaa authorization network tacacs+ Configures the wireless device for user TACACS+ authorization for all

network-related service requests.

Step 3

aaa authorization exec tacacs+ Configures the wireless device for user TACACS+ authorization to

determine whether the user has privileged EXEC access.

The exec keyword might return user profile information (such as

autocommand information).

Step 4

end Returns to privileged EXEC mode.

Step 5

show running-config Verifies your entries.

Step 6

copy running-config startup-config (Optional) Saves your entries in the configuration file.

Cisco 2921 Specifications

General

Ethernet LAN	Yes
Cabling technology	10/100/1000Base-T(X)
Networking standards	IEEE 802.1Q, IEEE 802.1ag, IEEE 802.3, IEEE 802.3ab, IEEE 802.3af, IEEE 802.3ah, IEEE 802.3u
Ethernet LAN data rates	10, 100, 1000 Mbit/s
Ethernet interface type	Gigabit Ethernet
Product color	Black
Rack capacity	2U
USB version	2.0
RS-232 ports	1
USB ports quantity	2
Ethernet LAN (RJ-45) ports	3
DHCP client	-
Routing protocols	BGP, EIGRP, OSPF
Supported protocols	IPv4, IPv6, IS-IS, IGMPv3, PIM SM, SSM, DVMRP, IPSec, GRE, BVD, MPLS, L2TPv3, PPP, MLPPP, MLFR, HDLC, RS-232, RS-449, X.21, V.35, EIA-530, PPPoE, ATM
Firewall security	Cisco IOS
Operating altitude	0 - 3000 m
Non-operating altitude	0 - 4570 m
Storage temperature (T-T)	-40 - 70 °C
Operating temperature (T-T)	0 - 40 °C
Storage relative humidity (H-H)	5 - 95 %
Operating relative humidity (H-H)	10 - 85 %
AC input voltage	100 - 240 V
Power source type	AC
AC input frequency	47 - 63 Hz
Safety	UL 60950-1, CAN/CSA C22.2 No. 60950-1, EN 60950-1, AS/NZS 60950-1, IEC 60950-1
Electromagnetic compatibility	47 CFR, ICES-003, EN55022, CISPR22, AS/NZS 3548, VCCI V-3, EN 300-386, EN 61000, EN 55024, CISPR 24EN50082-1

Weight and Dimensions

Depth	469.9 mm
Width	438.2 mm
Height	88.9 mm
Weight	13200 g

Cisco 2921 User Manual

Table of Contents

Questions and Answers:

Cisco 2921 Specifications

Related product manuals