Manuals / Cisco Systems / Computer Equipment / Network Card

Cisco Systems AS5400XM quick start Configuring Local AAA Security

Models: AS5400XM

1 68

Download 68 pages 41.48 Kb

Page 38

Configuring Local AAA Security

!

hostname Gateway

!

enable secret 5 $1$60L4$X2JYOwoDc0.kqa1loO/w8/

.

.

.

Step 2 Exit privileged EXEC mode and attempt to log in by using the new enable secret password. The show privilege command shows the current security privilege level.

Gateway# exit

Gateway con0 is now available

Press RETURN to get started.

Gateway> enable

Password:

Gateway# show privilege

Current privilege level is 15

Gateway#

Configuring Local AAA Security

Configure authentication, authorization, and accounting (AAA) to perform login authentication by using the local username database. The login keyword authenticates EXEC shell users. Additionally, configure PPP authentication to use the local database if the session was not already authenticated by the login command.

AAA(called triple A) is the Cisco IOS security model used on all Cisco devices. AAA provides the primary framework through which you set up access control on the Cisco AS5350XM or Cisco AS5400XM universal gateway.

The same authentication method is used on all interfaces. AAA is set up to use the local database configured on the gateway. This local database is created with the username configuration commands.

To configure AAA, follow these steps:

Step 1 Enter global configuration mode. You are in global configuration mode when your prompt changes to Gateway(config)#.

Gateway# configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

Gateway(config)#

Step 2 Create a local login username database in global configuration mode. In this example, the administrator’s username is admin. The remote client’s login username is Harry.

Gateway(config)# username admin password adminpasshere

Gateway(config)# username Harry password Harrypasshere

Step 3 Configure local AAA security in global configuration mode. You must enter the aaa new-modelcommand before the other two authentication commands.

Gateway(config)# aaa new-model

Gateway(config)# aaa authentication login default local

Gateway(config)# aaa authentication ppp default if-needed local

Step 4 Return to privileged EXEC mode:

Gateway(config)# Ctrl-Z

Gateway#

Step 5 Log in with your username and password.

38

Image 38

Cisco Systems AS5400XM quick start Configuring Local AAA Security

Contents

Quick Start Guide INCLUDING LICENSE AND WARRANTYCisco AS5350XM and Cisco AS5400XM Universal Gateways Replacement, Repair, or Refund Policy for Hardware 1 Cisco 90-Day Limited Hardware Warranty TermsDuration of Hardware Warranty To Receive a Return Materials Authorization RMA NumberSoftware Configuration Regulatory Compliance and Safety InformationHardware Installation Configuration GuidesItems Not Included Command ReferencesNew Feature Documentation Release NotesSetting Up the Chassis 3 Install ChassisSafety Information Rack-Mounting the ChassisRequired Tools and Equipment Attaching BracketsDesktop Installation Installation in a RackChassis Ground Connection Installing a Carrier Card 4 Install ModulesInstalling Carrier Cards power at the circuit breaker on DC units. StatementFigure 13 Blank Feature Card Cover Cisco AS5400XM Universal Gateways Card Installation Guide Installing Feature Cardswhile the housing is open. Statement Step StepDescription Feature CardState Description Feature CardState LEDs continuedColor or System Management and Power Connections5 Connect Cables Port or ConnectionColor or Type WAN, LAN, and Voice ConnectionsConnect a Console Terminal Port or ConnectionRJ-45 RJ-45-to-RJ-45 rollover cablePC laptop Console port RJ-45Connect to an Ethernet Network RJ-45 jack Connect to a WANStraight-through RJ-45-to-RJ-45 cable Straight-through RJ-45 jack E1 cable Figure 26 Connecting an 8-Port Feature Card on the Cisco AS5350XM Universal Gateway to an RJ-45 Jack Page Page Statement situation. StatementPin1 Description Connect AC Power Statement Connect DC Powerposition. Statement To DC source last. StatementPower switch Power switch Step 6 Power Up the Universal GatewayChecklist for Power Up Power-Up Procedure 7 Perform Initial Configuration Initial Configuration Using the Setup Command FacilityStep 4 Enter a hostname for the gateway Step 12 Press Enter for every slot, port, and channel Initial Configuration Using the CLI Manual Configuration Verifying the Hostname and Passwords Step 1 Enter the show configuration commandConfiguring Local AAA Security Configuring Basic Dial Access Configuring the Asynchronous Group Interface Gateway# show async status Verifying the Group Interface ConfigurationGateway# show interface async 4/0 Configuring a T1 or E1 Feature Card Configuring a Channelized T3 Feature Card Verifying Channelized T1 or E1 Controller OperationVerifying Channelized T3 Controller Operation Configuring ISDN PRI Keyword Switch TypeArea ISDN Switch TypesVerifying Interface Configuration Enter the show isdn status command to view layer status information controller T1 1/012 framing esf channel-group 20 timeslots 1-24 speed Configuring the D Channels for ISDN Signalingframing esf channel-group 20 timeslots 1-24 speed controller T1 1/013 framing esf channel-group 20 timeslots 1-24 speedinterface Figure 41 Relationship of ISDN PRI Components for T1serial Configuring the Universal Port or Dial-Only Feature Cards Verifying D Channel ConfigurationDescription FeatureSPE Firmware Verifying the SPE Configuration Gatewayconfig# line slot/port slot/portConfiguring the Voice Feature Card Upgrade DSP Firmware on the Voice Feature Card Verifying the Firmware Upgrade Configure ClockingFeature Card Ports Free-Running Clock Clocking Configuration ExamplesExternal Clock Verify Clocking Verify your BITS clock selection by using the show tdm clocks command Prerequisites Saving Configuration ChangesVoice over IP For detailed configuration information for specific features Where to Go NextConfiguration Tasks For new features associated with a software releaseCisco.com 8 Slot Numbering9 Obtaining Documentation Product Documentation DVDOrdering Documentation 10 Documentation Feedback11 Cisco Product Security Overview Cisco Technical Support & Documentation Website Reporting Security Problems in Cisco Products12 Obtaining Technical Assistance For Emergencies only - security-alert@cisco.com13 Obtaining Additional Publications and Information Submitting a Service RequestDefinitions of Service Request Severity Page Page Americas Headquarters Corporate HeadquartersEuropean Headquarters Asia Pacific Headquarters