EasyManua.ls Logo

Cisco Nexus 5000 Series - Configuring Aaa Accounting Default Methods

Cisco Nexus 5000 Series
660 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Send feedback to nx5000-docfeedback@cisco.com
1-10
Cisco Nexus 5000 Series Switch CLI Software Configuration Guide
OL-16597-01
Chapter 1 Configuring AAA
Configuring AAA
To enable MSCHAP authentication, perform this task:
Configuring AAA Accounting Default Methods
The Nexus 5000 Series switch supports TACACS+ and RADIUS methods for accounting. The switches
report user activity to TACACS+ or RADIUS security servers in the form of accounting records. Each
accounting record contains accounting attribute-value (AV) pairs and is stored on the AAA server.
When you activate AAA accounting, the Nexus 5000 Series switch reports these attributes as accounting
records, which are then stored in an accounting log on the security server.
You can create default method lists defining specific accounting methods, which include the following:.
RADIUS server group—Uses the global pool of RADIUS servers for accounting.
Specified server group—Uses a specified RADIUS or TACACS+ server group for accounting.
Local—Uses the local username or password database for accounting.
Note If you have configured server groups and the server groups do not respond, by default the local database
is used for authentication.
Before you configure AAA accounting default methods, configure RADIUS or TACACS+ server groups
as needed.
Table 1-3 MSCHAP RADIUS VSAs
Vendor-ID
Number Vendor-Type Number VSA Description
311 11 MSCHAP-Challenge Contains the challenge sent by an AAA server to an
MSCHAP user. It can be used in both
Access-Request and Access-Challenge packets.
211 11 MSCHAP-Response Contains the response value provided by an
MSCHAP user in response to the challenge. It is
only used in Access-Request packets.
Command Purpose
Step 1
switch# configure terminal
Enters configuration mode.
Step 2
switch(config)# aaa authentication login
mschap enable
Enables MS-CHAP authentication. The default is
disabled.
Step 3
switch(config)# exit
Exits configuration mode.
Step 4
switch# show aaa authentication login
mschap
(Optional) Displays the MS-CHAP configuration.
Step 5
switch# copy running-config
startup-config
(Optional) Copies the running configuration to the
startup configuration.

Table of Contents

Other manuals for Cisco Nexus 5000 Series

Preview: Operation Guide
Operation Guide44 pages
Preview: Command Reference
Command Reference196 pages
Preview: Configuration Guide
Configuration Guide334 pages
Preview: Troubleshooting Guide
Troubleshooting Guide8 pages
Preview: Reference Guide
Reference Guide12 pages
Preview: Manual
Manual10 pages

Related product manuals