Chapter 8
| Authentication Commands
AAA
– 220 –
Command Mode
Global Configuration
Command Usage
◆
This command performs authorization to determine if a user is allowed to run
an Exec shell for local console, Telnet, or SSH connections.
◆
AAA authentication must be enabled before authorization is enabled.
◆
If this command is issued without a specified named method, the default
method list is applied to all interfaces or lines (where this authorization type
applies), except those that have a named method explicitly defined.
Example
Console(config)#aaa authorization exec default group tacacs+
Console(config)#
aaa group server
Use this command to name a group of security server hosts. To remove a server
group from the configuration list, enter the
no
form of this command.
Syntax
[
no
]
aaa group server
{
radius
|
tacacs+
} group-name
radius
- Defines a RADIUS server group.
tacacs+
- Defines a TACACS+ server group.
group-name - A text string that names a security server group.
(Range: 1-64 characters)
Default Setting
None
Command Mode
Global Configuration
Example
Console(config)#aaa group server radius tps
Console(config-sg-radius)#
To Next Page
Loading...
