CHAPTER 3
Configuring AAA
This chapter describes how to configure authentication, authorization, and accounting (AAA) on Cisco NX-OS
devices.
This chapter includes the following sections:
• About AAA, on page 9
• Licensing Requirements for AAA, on page 13
• Prerequisites for AAA, on page 14
• Guidelines and Limitations for AAA, on page 14
• Default Settings for AAA, on page 14
• Configuring AAA, on page 15
• Monitoring and Clearing the Local AAA Accounting Log , on page 34
• Verifying the AAA Configuration, on page 34
• Configuration Examples for AAA, on page 35
• Configuration Examples for Login Parameters, on page 35
• Configuration Examples for the Password Prompt Feature, on page 36
• Additional References for AAA, on page 37
About AAA
This section includes information about AAA on Cisco NX-OS devices.
AAA Security Services
The AAA feature allows you to verify the identity of, grant access to, and track the actions of users managing
a Cisco NX-OS device. Cisco NX-OS devices support Remote Access Dial-In User Service (RADIUS) or
Terminal Access Controller Access Control System Plus (TACACS+) protocols.
Based on the user ID and password combination that you provide, Cisco NX-OS devices perform local
authentication or authorization using the local database or remote authentication or authorization using one
or more AAA servers. A preshared secret key provides security for communication between the Cisco NX-OS
device and AAA servers. You can configure a common secret key for all AAA servers or for only a specific
AAA server.
AAA security provides the following services:
Cisco Nexus 9000 Series NX-OS Security Configuration Guide, Release 9.x
9
To Next Page
Loading...
