Manualshelf

Technical data

ManualsBrandsCisco ManualsComputer equipment1604 - 1604 Bridge/router
121122123124125126127128129130
IP, IPX, and AppleTalk Dial-Up Environments 5-21
Dial-In Configuration Examples
Security Configuration
This sample configuration uses a RADIUS security server for asynchronous interfaces and local
authentication for lines, because ARA, which is configured on lines, does not support RADIUS
authentication. The login authentication in this configuration works as follows:
Users dialing in to the EXEC facility are first authenticated by a RADIUS server. If a RADIUS
server is not accessible, local authentication is used.
Users dialing in with ARA are allowed to log in as guests only if they have already been
authenticated to the EXEC facility.
Users dialing in with PPP are authenticated only if they have not already been authenticated at
the EXEC facility. If they have not already been authenticated, the RADIUS server is polled. If
the RADIUS server has no information about the user or it is not accessible, local username
authentication is used. Users dialing in to group async interface 0 are authenticated using CHAP.
Users dialing in to group async interface 1 are authenticated using PAP.
This sample configuration only contains security commands. It does not contain modem or protocol
configuration commands. For modem and line commands, refer to the “Modem and Line
Configuration” section. For protocol configuration commands, refer to the “Protocol Configuration”
section.
aaa new-model
aaa authentication login default radius local
aaa authentication arap default auth-guest local
aaa authentication ppp default if-needed radius
!
radius-server host 172.23.4.28
radius-server key s2imm3r
!
username pumba password 7 095E470B1110
username timone password 7 095E470B1110
username rafiki password 7 0215055500070C294D
username simba password 7 032A5K39068R1935
username nala password 7 087X2G10385V8148
username mufasa password 7 075V3W50429L2943
username sarabi password 7 0215055500070C294D
enable secret 5 $1$Kv7T$yjdYBYi70X56gOpEtLj.Q.!
!
line 1 16
arap authentication default
!
line con 0
login authentication default
!
interface Group-Async1
ppp authentication chap default
group range 1 8
!
interface Group-Async2
ppp authentication pap default
group range 9 16
Protocol Configuration
The following sample configuration enables remote clients to dial in and access IP, IPX, and
AppleTalk resources. In this example, IP and IPX client connections are permitted on group
asynchronous interface 1 to IP, IPX, and AppleTalk resources. The IPX network number of loopback
interface 1 is assigned to the group asynchronous interface. Routing updates have been filtered on
all asynchronous interfaces.