Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

local AAA Config on 1900

Hi Experts

how to configure 1900 router for local AAA and only allow ssh to it 

thanks

jamil

5 REPLIES
Bronze

local AAA Config on 1900

For local AAA:

aaa new-model
aaa authentication login default local
username user privilege 15 secret password (for access directly to privileged exec -security concern here)

or

username user secret password (requires that you type in enable secret)

For SSH:

http://www.cisco.com/en/US/tech/tk583/tk617/technologies_tech_note09186a00800949e2.shtml

New Member

local AAA Config on 1900

thanks for ur reply

local AAA Config on 1900

Jamil,

In addition to what was posted about the aaa config, you can restrict to using ssh on the line itself:

line vty 0 4

transport input ssh

HTH,

John

HTH, John *** Please rate all useful posts ***
New Member

local AAA Config on 1900

hi

i have cisco acs 5.2 with all all default methode applied to all lines, do i need any thing on the acs?

thanks

Cisco Employee

local AAA Config on 1900

Since you have configured authentication locally so in that case you don't need any configuration on the ACS 5.2.

However, in case you would like to authenticate users from tacacs server, all you need is

- Create AAA client with authentication method as TACACS

- Under Defalut admin access you may create a seprate rule for tacacs authentication otherwise set the default rule to PERMIT and that would work for you.

Hope it helps.

Regards,

Jatin

Do rate helpful posts-

~BR Jatin Katyal **Do rate helpful posts**
549
Views
8
Helpful
5
Replies