Example 83 Sample Configuration for AAA Authentication and Accounting with Tacacs Security Server

NAS(config)#aaa new-model

NAS(config)#aaa authentication ppp default if-needed group tacacs+ local

NAS(config)#aaa accounting network default stop-only group tacacs+

NAS(config)#tacacs-server host 192.168.1.15

NAS(config)#tacacs-server key Elvis

NAS(config)#interface serial 0

NAS(config-if)#ppp authentication default

In this example

• The aaa new-model command enables the AAA security services.

• The aaa accounting command configures network accounting via TACACS+. Accounting records describing the session that just terminated will be sent to the TACACS+ server whenever a network connection terminates.

• The tacacs-server host command identifies the TACACS+ daemon as having an IP address of 192.168.1.15. The tacacs-server key command defines the shared encryption key to be Elvis.

• The interface command selects the line or port, and the ppp authentication command applies the default method list to this line.

0 0

Post a comment