Learning IINS (part 2)

Configure Authentication with Local Database AAA on a Cisco Router

Keep in mind that there are 5 basic steps to configure Local Database AAA on a Cisco Router. Here is the 5 steps and examples commands:

Task 1: Create local user

Username Admin1 privilege 15 secret admin123

Task 2: Enable AAA on the router

AAA new-model

Task 3: Configure AAA on the router. Define what type of remote access (administrative – telnet, ssh, http or network – PPP, Dial-in,…) AAA is to be performed

Aaa authentication login default local
Aaa authentication ppp dial-in local

Task 4: Apply authentication list to Router lines or Network

Line vty 0 4
Login authentication default

Int se0/0
Ppp authentication chap dial-in

Tank 5: Verify AAA configuration

Debug aaa authentication
Terminal Monitor

Show aaa user all

Show aaa sessions

More Local Database AAA commands:

Lockout user after 7 times login attemps failed:

Aaa local authentication attemps max-fail 7

Display locked-out users:

Show aaa local user lockout

Clear (re-active) all locked-out users:

Clear aaa local user lockout

Clear specific user (User1 in this example):

Clear aaa local user lockout User1

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s