Cisco设备AAA认证配置
aaa new-model!
!
aaa authentication login default group radius local
aaa authentication login no_authen none
aaa authorization exec default group radius
aaa accounting exec default start-stop group radius
!
username lcadmin password 0 cisco
!
radius-server host 192.168.91.114 auth-port 1645 acct-port 1646 keycisco
认证debug信息:
*Mar1 00:48:47.963: AAA/BIND(00000010): Bind i/f
*Mar1 00:48:47.975: AAA/AUTHEN/LOGIN (00000010): Pick method list'default'
*Mar1 00:48:52.691: AAA/AUTHOR/EXEC(00000010): Authorizationsuccessful
*Mar1 00:48:55.275: AAA: parse name=tty66> *Mar1 00:48:55.275: AAA: name=tty66 flags=0x11 type=5 shelf=0 slot=0adapter=0
port=66 channel=0
*Mar1 00:48:55.279: AAA/MEMORY: create_user (0x857CCCB8) user='hc'ruser='NULL
' ds0=0 port='tty66' rem_addr='192.168.1.114' authen_type=ASCIIservice=ENABLE p
riv=15 initial_task_id='0', vrf= (id=0)
*Mar1 00:48:55.283: AAA/AUTHEN/START (1094148360): port='tty66'list='' action
=LOGIN service=ENABLE
*Mar1 00:48:55.287: AAA/AUTHEN/START (1094148360): non-console enable -defaul
t to enable password
*Mar1 00:48:55.287: AAA/AUTHEN/START (1094148360): Method=ENABLE
*Mar1 00:48:55.291: AAA/AUTHEN(1094148360): Status=GETPASS
*Mar1 00:48:56.032: AAA/AUTHEN/CONT (1094148360): continue_login(user='(undef
)')
*Mar1 00:48:56.032: AAA/AUTHEN(1094148360): Status=GETPASS
*Mar1 00:48:56.036: AAA/AUTHEN/CONT (1094148360): Method=ENABLE
*Mar1 00:48:56.053: AAA/AUTHEN(1094148360): Status=PASS
*Mar1 00:48:56.053: AAA/MEMORY: free_user (0x857CCCB8) user='NULL'ruser='NULL
' port='tty66' rem_addr='192.168.1.114' authen_type=ASCII service=ENABLEpriv=15
vrf= (id=0)
页:
[1]