Configuring AAA Services on Cisco IOS XR Software
Prerequisites for Configuring AAA Services
SC-169
Cisco IOS XR System Security Configuration Guide
Prerequisites for Configuring AAA Services
The following prerequisites are listed:
• You must be in a user group associated with a task group that includes the proper task IDs for
security commands.
• Establish a root system user using the initial setup dialog. The administrator may configure a few
local users without any specific AAA configuration. The external security server becomes necessary
when user accounts are shared among many routers within an administrative domain. A typical
configuration would include the use of an external AAA security server and database with the local
database option as a backup in case the external server becomes unreachable.
Restrictions for Configuring AAA Services
This section lists the restrictions for configuring AAA services.
Compatibility
Compatibility is verified with the Cisco freeware TACACS+ server and FreeRADIUS only.
Interoperability
Router administrators can use the same AAA server software and database (for example,
CiscoSecure ACS) for the router and any other Cisco equipment that does not currently run
Cisco IOS XR software. To support interoperability between the router and external TACACS+ servers
that do not support task IDs, see the “Task IDs for TACACS+ and RADIUS Authenticated Users”
section.
Information About Configuring AAA Services
This section lists all the conceptual information that a Cisco IOS XR software user must understand
before configuring user groups and task groups through AAA or configuring Remote Authentication
Dial-in User Service (RADIUS) or TACACS+ servers. Conceptual information also describes what AAA
is and why it is important.
• User, User Groups, and Task Groups, page SC-170
• Cisco IOS XR Software Administrative Model, page SC-172
• Password Types, page SC-177
• Task-Based Authorization, page SC-178
• Task IDs for TACACS+ and RADIUS Authenticated Users, page SC-179
• XML Schema for AAA Services, page SC-181
• About RADIUS, page SC-182
To Next Page
Loading...
