AAA back to basics

I think I’ve done enough BGP for the week and time to do some security basics.

service password-encryption
username delan password ccie
enable secret ccie
aaa new-model
aaa authentication login VTY local group tacacs+
aaa authentication login CONSOLE group tacacs+ line
aaa authentication enable default enable
aaa authorization exec group tacacs+ if-authenticated
aaa authentication username-prompt “Please enter your username: ”
aaa authentication password-prompt “Please enter your password: ”
aaa authentication banner #
Access to this router is restricted to friends of Delan A
aaa authentication fail-message #
Invalid password, please check your username, password or both
line con 0
login authentication CONSOLE
password ccie321
line vty 0 4
privilege level 15
authorization exec VTY
login authentication VTY

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s