Cisco Radiusanbindung: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
Thomas (Diskussion | Beiträge) (→Links) |
Thomas (Diskussion | Beiträge) |
||
| Zeile 19: | Zeile 19: | ||
aaa accounting exec default start-stop group radius | aaa accounting exec default start-stop group radius | ||
</pre> | </pre> | ||
| + | |||
| + | =Beides Radius und Local= | ||
| + | <pre> | ||
| + | aaa new-model | ||
| + | ! | ||
| + | ! | ||
| + | aaa authentication login default local group radius | ||
| + | aaa authorization exec default local group radius if-authenticated | ||
| + | aaa accounting dot1x default start-stop group radius | ||
| + | <pre> | ||
=Links= | =Links= | ||
Version vom 6. Juni 2016, 15:30 Uhr
Einfache Anbindung
- radius-server host 192.168.244.49 auth-port 1812 acct-port 1813
- radius-server key 0 sysadm
- radius-server vsa send accounting
- radius-server vsa send authentication
Login
- aaa new-model
- aaa authentication login default group radius local
- aaa authorization exec default group radius local if-authenticated
Example
aaa new-model aaa authentication login default group radius local aaa authentication login vty-login group radius local aaa authentication enable default enable aaa authorization exec default group radius local if-authenticated aaa accounting exec default start-stop group radius
Beides Radius und Local
aaa new-model ! ! aaa authentication login default local group radius aaa authorization exec default local group radius if-authenticated aaa accounting dot1x default start-stop group radiusLinks
*http://www.cisco.com/c/en/us/support/docs/security-vpn/remote-authentication-dial-user-service-radius/116291-configure-freeradius-00.html *http://www.cisco.com/c/en/us/support/docs/security-vpn/terminal-access-controller-access-control-system-tacacs-/10384-security.html *http://www.cisco.com/c/en/us/td/docs/ios/12_2/security/command/reference/fsecur_r/srfathen.html