Методички к лабам / Лаба 2 cisco paket tracer

AAA-

2.1.

Cisco

Packet Tracer Telnet

AAA

RADIUS AAA-

2.2.

RADIUS

Cisco Packet Tracer.

2.3.

T

Cisco IOS

Switch>

>

18

- Switch#

# enable

:

Switch#configure terminal

Switch(config)#enable password cisco

show run,

Switch#show running-config | include enable password enable password cisco

Switch(config)#service password-encryption

Switch#show running-config | include enable password enable password 7 0822455D0A16

service

19

password-encryption

enable secret.

Switch(config)#enable secret cisco Switch#show running-config | include enable

enable secret 5 $1$mERr$hx5rVt7rPNoS4wqbXKX7m0 /hash

hash enable secret

enable password

enable secret).

-

-

Switch(config)#username admin privilege 15 secret cisco

20

privilege

disable, enable, exit, help logout.

switch>

switch#).

-

-

1. aaa new-model

Authorization and Accounting) -

:

Local

Local-case

Enable enable{password | secret}.

Line None

list-name).

4. local method list

default

command line interface (cli

1)

Router#conf t

Router(config)#line vty 0 4

Router(config-line)#password cisco

Router(config-line)#login

. 2)

Router#conf t

Router(config)#line vty 0 4

Router(config-line)#login local

local

username). aaa new-model

aaa new-model

vty 0 4

23

-

-

-

-

-

-

-

AAA- 2.3.1.

2. AAA-

AAA-

-

AAA:

T

-

24

-

(authentication).

-

(authorization).

-

--

- RADIUS TACACS+.

RADIUS

RADIUS (Remote Authentication in Dial-In User Service) -

AAA-. :

UDP

- 1646).

--3].

TACACS+

TACACS+ (Terminal Access Controller Access Control System),

Cisco

TACACS.

DIUS.

--

25

TACACS+ - Cisco Secure Access Control Server (ACS).

TACACS 2.3.1.

.

VPN

AAA-

username admin privilege 15 secret cisco--

--

-

26

-

aaa new-model).

--

group

radius

-

-

- local

.

2.4.

2.4.1.

client (AAA-server).

2.

27