|
|
 |
|
|
| 1. 有关网络设备AAA配置,如果ACS出现问题,要在本地认证应如何配置 |
  |
|
 |
|
HP : 0 / 257
MP : 50 / 3899
EXP : 30%
|
|
武林奇才
成员等级: 11
发表总数: 150
金币总数: 363
所属组别: 普通成员
注册日期: 2003/11/5
|
我现在做了如下配置,已经可以通过ACS认证,如果ACS出现问题,要在本地认证应如何配置
enable password f
!
username lcd password 0 f
aaa new-model
aaa authentication login vty group tacacs+
aaa accounting exec default start-stop group tacacs+
aaa accounting commands 0 default start-stop group tacacs+
aaa accounting commands 1 default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+
aaa accounting system default start-stop group tacacs+
!
aaa session-id common
line con 0
line vty 0 4
password f
login authentication vty
line vty 5 15 |
|
|
|
| 2. Re:有关网络设备AAA配置,如果ACS出现问题,要在本地认证应如何配置... |
|
|
 |
|
HP : 250 / 1254
MP : 1625 / 21993
EXP : 16%
|
|
迟则生变
成员等级: 51
发表总数: 4877
金币总数: 308
所属组别: 管理员
注册日期: 2003/01/9
|
aaa authentication login vty group tacacs+ local
user aaa password bbb
没有谁能像一座孤岛/在大海里独踞/每个人都像一块小小的泥土/连接成整个陆地/如果一块泥土被海水冲去/欧洲将缺其一隅/这如同一座山岬/也如同你的朋友和你自己/无论谁死了/都是自己的一部分在死去/因为我包含在人类这个概念里/因此我从不问丧钟为谁而鸣/它为我,也为你
No man is an Island, entire of itself; every man is a piece of the Continent, a part of the main; if a clod be washed away by the sea, Europe is the less, as well as if a promontory were, as well as if a man or of thy friends or of thine own were; any man's death diminishes me, because I am involved in Mankind; And therefore never send to know for whom the bell tolls; It tolls for thee.
|
|
|
|
| 3. Re:有关网络设备AAA配置,如果ACS出现问题,要在本地认证应如何配置... |
|
|
|
|
|
HP : 0 / 257
MP : 50 / 3899
EXP : 30%
|
|
武林奇才
成员等级: 11
发表总数: 150
金币总数: 363
所属组别: 普通成员
注册日期: 2003/11/5
|
我现在做了AAA的配置,通过ACS认证时就出现了如下的错误
Username: test
Password:
% Authentication failed.
username test password test
aaa new-model
!
aaa authentication login con none
aaa authentication login vty group tacacs+ local
aaa authorization exec vty group tacacs+ if-authenticated local aaa authentication enable default group tacacs+ enable
aaa authorization commands 1 vty group tacacs+
aaa authorization commands 15 vty group tacacs+
aaa authorization network vty group tacacs+
aaa accounting exec vty stop-only group tacacs+
aaa accounting commands 15 vty stop-only group tacacs+
aaa accounting network vty start-stop group tacacs+
!
line vty 0 4
authorization commands 1 vty
authorization commands 15 vty
authorization exec vty
accounting commands 15 vty
accounting exec vty
login authentication vty
|
|
|
