Configuring AAA Services on Cisco IOS XR Software
How to Configure AAA Services
SC-38
Cisco IOS XR System Security Configuration Guide for the Cisco CRS-1 Router
OL-20382-01
What to Do Next
After configuring RADIUS server groups, define method lists by configuring authentication,
authorization, and accounting. (See the
“Configuring AAA Method Lists” section.)
Configuring TACACS+ Server Groups
This task configures TACACS+ server groups.
The user can enter one or more server commands. The server command specifies the hostname or IP
address of an external TACACS+ server. Once configured, this server group can be referenced from the
AAA method lists (used while configuring authentication, authorization, or accounting). (See the
“Method Lists” section.)
Prerequisites
For configuration to succeed, the external server should be accessible at the time of configuration.
SUMMARY STEPS
1. configure
2. aaa group server tacacs+ group-name
3. server {host-name | ip-address}
4. Repeat Step 3. for every external server to be added to the server group named in Step 2.
5. end
or
commit
6. show tacacs server-groups
DETAILED STEPS
Command or Action Purpose
Step 1
configure
Example:
RP/0/RP0/CPU0:router# configure
Enters global configuration mode.
Step 2
aaa group server tacacs+ group-name
Example:
RP/0/RP0/CPU0:router(config)# aaa group server
tacacs+ tacgroup1
Groups different server hosts into distinct lists and enters
the server group configuration mode.
Step 3
server {hostname | ip-address}
Example:
RP/0/RP0/CPU0:router(config-sg-tacacs+)# server
192.168.100.0
Specifies the hostname or IP address of an external
TACACS+ server.
• When configured, this group can be referenced from the
AAA method lists (used while configuring
authentication, authorization, or accounting).
To Next Page
Loading...
Need help?
General
