Securing Access to Management Functions
December 2000 3 - 21
User logs in using Telnet/SSH Login authentication:
aaa authentication login default <method-list>
Exec authorization (TACACS+):
aaa authorization exec default tacacs+
Exec accounting start (TACACS+):
aaa accounting exec default <method-list>
System accounting start (TACACS+):
aaa accounting system default start-stop <method-list>
User logs into the Web management
interface
Web authentication:
aaa authentication web-server default <method-list>
Exec authorization (TACACS+):
aaa authorization exec default tacacs+
User logs out of Telnet/SSH session Command authorization for logout command (TACACS+):
aaa autho
rizati
on comma
nds <priv
ilege-
level> def
ault <meth
od-list
>
Command accounting (TACACS+):
aaa acc
ounting c
ommand
s <priv
ilege-le
vel> defa
ult sta
rt-stop
<method-list>
EXEC accounting stop (TACACS+):
aaa accounting exec default start-stop <method-list>
User enters system commands
(for example, reload, boot system)
Command authorization (TACACS+):
aaa autho
rizati
on comma
nds <priv
ilege-
level> def
ault <meth
od-list
>
Command accounting (TACACS+):
aaa acc
ounting c
ommand
s <priv
ilege-le
vel> defa
ult sta
rt-stop
<method-list>
System accounting stop (TACACS+):
aaa accounting system default start-stop <method-list>
User enters the command:
[no] aaa accounting system default
start-stop <method-list>
Command authorization (TACACS+):
aaa autho
rizati
on comma
nds <priv
ilege-
level> def
ault <meth
od-list
>
Command accounting (TACACS+):
aaa acc
ounting c
ommand
s <priv
ilege-le
vel> defa
ult sta
rt-stop
<method-list>
System accounting start (TACACS+):
aaa accounting system default start-stop <method-list>
User Action Applicable AAA Operations
To Next Page
Loading...
