CHAPTER 3
Configuring AAA
This chapter describes how to configure authentication, authorization, and accounting (AAA) on Cisco
NX-OS devices.
•
Information About AAA, page 7
•
Prerequisites for Remote AAA, page 11
•
Guidelines and Limitations for AAA, page 12
•
Configuring AAA, page 12
•
Monitoring and Clearing the Local AAA Accounting Log , page 25
•
Verifying the AAA Configuration, page 25
•
Configuration Examples for AAA, page 26
•
Default AAA Settings, page 26
Information About AAA
AAA Security Services
The authentication, authorization, and accounting (AAA) features allows you to verify the identity of, grant
access to, and track the actions of users who manage Cisco Nexus devices. The Cisco Nexus device supports
Remote Access Dial-In User Service (RADIUS) or Terminal Access Controller Access Control device Plus
(TACACS+) protocols.
Based on the user ID and password that you provide, the switches perform local authentication or authorization
using the local database or remote authentication or authorization using one or more AAA servers. A preshared
secret key provides security for communication between the switch and AAA servers. You can configure a
common secret key for all AAA servers or for only a specific AAA server.
AAA security provides the following services:
• Authentication—Identifies users, including login and password dialog, challenge and response, messaging
support, and, encryption depending on the security protocol that you select.
• Authorization—Provides access control.
Cisco Nexus 3600 NX-OS Security Configuration Guide, Release 7.x
7
To Next Page
Loading...
