Technical data
Cisco AS5300 Configuration 2-7
Configure
Configure
To configure local AAA security, use the following commands beginning in global configuration
mode:
Verify
To verify the configuration:
• Try to log in with your username:password. Enter the login command at the EXEC shell prompt.
If you get in, the login authentication is working with your local username. Do not disconnect
your access server session until you can log in successfully. (If you get locked out, you will need
to perform password recovery by rebooting the access server.)
hq-sanjose# login
User Access Verification
Username: joe-admin
Password: joe-password
hq-sanjose#
• Enter the show running command:
hq-sanjose# show running
Building configuration...
Current configuration:
!
version 12.0
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname hq-sanjose
Step Command Purpose
1
hq-sanjose(config)# username joe-admin password joe-password
Create a local login database
and username for yourself
1
.
This step also prevents you from
getting locked out of the access
server.
1. Make sure to change “joe-admin” to your own username and “joe-password” to your own password.
2
hq-sanjose(config)# aaa new-model
Initiate the AAA access control
system.
This step immediately locks
down login and PPP
authentication.
3
hq-sanjose(config)# aaa authentication login default local
Configure AAA to perform
login authentication using the
local username database.
The login keyword
authenticates shell/EXEC users.
4
hq-sanjose(config)# aaa authentication ppp default if-needed local
Configure PPP authentication to
use the local database if the
session was not already
authenticated by login.