Manuals / Cisco Systems / Computer Equipment / Network Router

Cisco Systems 1604 manual Verifying Local AAA Security Configuration, login

Models: 1604

1 22

Download 22 pages 37.23 Kb

Page 6

login.

Chapter 3 Configuring the Cisco 1604 Router

Verifying Local AAA Security Configuration

To configure local AAA security on the Cisco 1604, enter the following commands beginning in global configuration mode:

Step 1 Create a local username for yourself. Make sure to change “joe-admin” to your own username and “joe-password” to your own password. This step prevents you from getting locked out of the router when you enable AAA.

robo-austin(config)#username joe-admin password joe-password

Step 2 Enable AAA access control. This step immediately enables login and PPP authentication.

robo-austin(config)# aaa new-model

Step 3 Configure AAA to perform login authentication by using the local username database. The login keyword indicates authentication of EXEC (shell) users.

robo-austin(config)#aaa authentication login default local

Step 4 Configure PPP authentication to use the local database if the session was not already authenticated by

login.

robo-austin(config)#aaa authentication ppp default local

Note After you finish setting up basic security, you can enhance the security solution by extending it to an external TACACS+ or RADIUS server. However, this case study describes only local AAA security.

Verifying Local AAA Security Configuration

To verify the local AAA security configuration on the Cisco 1604:

Step 1 Log in with your username:password.

Step 2 Enter the login command at the EXEC (shell) prompt. Do not disconnect your EXEC session until you can log in successfully. (If you get locked out, recover your password by rebooting the router.)

robo-austin# login

User Access Verification

Username: joe-admin

Password:

robo-austin#

Cisco IOS Dial Services Quick Configuration Guide

3-6

Image 6

Cisco Systems 1604 manual Verifying Local AAA Security Configuration, login

Contents

C H A P T E R PasswordNetwork Topology, Hardware, and Software Selections Ethernet IPVerifying Your Start Up Configuration Overview of Steps2048K bytes of DRAM onboard 16384K bytes of DRAM on SIMM Step 1-Configuring the Host Name, Password, and Time Stamps1 Ethernet/IEEE 802.3 interfaces 1 ISDN Basic Rate interfaces 12288K bytes of processor board PCMCIA flash Read ONLYVerifying Host Name, Password, and Time Stamp Configuration Step 2-Configuring Local AAA Security TipsVerifying Local AAA Security Configuration loginStep 3-Configuring the Ethernet Interface robo-austinconfig-if# ip address 10.1.4.1Verifying the Ethernet Interface Configuration C\WINDOWS ping 3 lost carrier, 0 no carrierStep 4-Configuring Basic Rate Interface 3-10Description Verifying BRI ConfigurationField 3-11Step 5-Configuring Dial-on-Demand Routing 3-12Tips Verifying DDR Configuration 3-13Last called 3-14Dial String 14085551234ppp authentication chap pap callin ppp multilink hold-queue 75 in 3-15Step 6-Testing the Cisco 1604 Connection to the Cisco AS5300 Tips3-16 Cisco AS5300hq-sanjose 3-17 Step 3 Verify that the correct dialer map existsStep 6-Testing the Cisco 1604 Connection to the Cisco AS5300 3-18Chapter 3 Configuring the Cisco 1604 Router 080355 ISDN BR0 TX - SETUP pd = 8 callref = 0x2FStep 6-Testing the Cisco 1604 Connection to the Cisco AS5300 3-19Chapter 3 Configuring the Cisco 1604 Router 080355 BR01 PPP Phase is AUTHENTICATING, by the peerStep 6-Testing the Cisco 1604 Connection to the Cisco AS5300 3-20Chapter 3 Configuring the Cisco 1604 Router Cisco IOS Dial Services Quick Configuration GuideStep 6-Testing the Cisco 1604 Connection to the Cisco AS5300 3-21Chapter 3 Configuring the Cisco 1604 Router Cisco IOS Dial Services Quick Configuration Guidestartup-config command Step 8-Saving the ConfigurationStep 7-Confirming the Cisco 1604 Final Running Configuration 3-22