aaa new-model //開啟AAA
line con 0 //針對console,亦可對line vty
login authentication no-auth //名稱為no-auth
aaa authentication login no-auth none
tacacs-server host x.x.x.x key ******** //指定tacacs server
radius-server host x.x.x.x key ******** //指定radius server
aaa authentication login default group tacacs group radius local //驗證順序tacacs,radius,local
sh run | include aaa
aaa accounting commands 0 default stop-only group tacacs+ //accounting 設定prillege level
aaa accounting commands 1 default stop-only group tacacs+
aaa accounting commands 2 default stop-only group tacacs+
aaa accounting commands 3 default stop-only group tacacs+
aaa accounting commands 13 default stop-only group tacacs+
aaa accounting commands 15 default stop-only group tacacs+
aaa accounting connection default start-stop group tacacs+
aaa accounting system default stop-only group tacacs+
沒有留言:
張貼留言