Specifications
3-25
Cisco AS5x00 Case Study for Basic IP Modem Services
11/24/1999
Section 3 Commissioning the Cisco AS5800 Hardware
Configuring Cisco IOS Basics
Note
The
enable password
command is an obsolete command. Do not use it.
Step 2
Log in with the enable secret password. The
show privilege
command shows the current security
privilege level.
5800-NAS#disable
5800-NAS>enable
Password:
5800-NAS#show privilege
Current privilege level is 15
5800-NAS#
2.2 Configuring Local AAA Security
Configure AAA to perform login authentication by using the local username database. The
login
keyword authenticates EXEC shell users. Additionally, configure PPP authentication to use the local
database if the session was not already authenticated by
login
.
AAA is the Cisco IOS security model used on all Cisco devices. AAA provides the primary framework
through which you set up access control on the NAS.
In this basic case study, the same authentication method is used on all interfaces. AAA is set up to use
the local database configured on the NAS. This local database is created with the
username
configuration commands.
Step 1
Create a local login username database in global configuration mode. In this example,
the administrator’s username is
admin
. The remote client’s login username is
dude
.
!
username admin password adminpasshere
username dude password dudepasshere
!
Warning
This step also prevents you from getting locked out of the NAS. If you get locked out, you
must reboot the device and perform password recovery.
Step 2
Configure local AAA security in global configuration mode. You must enter the
aaa new-model
command before the other two authentication commands.
!
aaa new-model
aaa authentication login default local
aaa authentication ppp default if-needed local
!