6-23
Catalyst 2950 Desktop Switch Software Configuration Guide
78-11380-03
Chapter 6 Configuring the System
Configuring TACACS+
Beginning in privileged EXEC mode, follow these steps to enable TACACS+ accounting:
Note These commands are documented in the “Accounting and Billing Commands” chapter of the Cisco IOS
Release 12.1 Security Command Reference.
Configuring a Switch for Local AAA
You can configure AAA to operate without a server by setting the switch to implement AAA in local
mode. The switch then verifies authentication and authorization. No accounting is available in this
configuration.
Beginning in privileged EXEC mode, follow these steps to configure the switch for local AAA:
Command Purpose
Step 1
configure terminal Enter global configuration mode.
Step 2
aaa accounting exec start-stop
tacacs+
Enable TACACS+ accounting to send a start-record accounting
notice at the beginning of an EXEC process and a stop-record at
the end.
Step 3
aaaaccountingnetworkstart-stop
tacacs+
Enable TACACS+ accounting for all network-related service
requests, including SLIP, PPP, and PPP NCPs.
Step 4
exit Return to privileged EXEC mode.
Step 5
show running-config Verify your entries.
Command Purpose
Step 1
configure terminal Enter global configuration mode.
Step 2
aaa new-model Enable AAA.
Step 3
aaa authentication login
default local
Set the login authorization to default to local.
Step 4
aaa authorization exec local Configure user AAA authorization for all network-related service
requests, including SLIP, PPP NCPs, and ARA protocols.
Step 5
aaa authorization network
local
Configure user AAA authorization to determine if the user is
allowed to run a privileged EXEC shell.
Step 6
username name privilege level
password password
Enter the local database.
Repeat this command for each user.
Step 7
show running-config Verify your entries.
To Next Page
Loading...
Need help?
General
