Example of AAA Command Usage

Command

Description

aaa authentication enable default group tacacs+ enable

Determines if the user can access the enabled command level. If authentication via TACACS+ server is unavailable, then use the enable password.

aaa authorization exec default group tacacs+ local

Determines if the user is allowed access to an EXEC shell and, if so, which shell attributes are permitted or denied. The method is TACACS+. If there is no response from the TACACS+ server, then the method is local, using the local username and password database.

aaa authorization command n default group tacacs+ local

Runs authorization for all commands at the specified privilege level (n). It is possible to have every line entered by a user authorized by TACACS+.

0 0

Post a comment