Routing:
[Gen][CCNA][CCNP Route][CCNP Remote][CCDA][MPLS][EEM][Add][Juniper][ACL][Host]
Switching: [CCNP Switch] [Switch Add] [Intro] [VLANs] [MLS] [STP] [QoS] [Availability] Security: [CCNP Security] [CCNA Security] [CCNP ISCW][PIX] [Adv PIX/ASA] [Net Sec1] [Net Sec2] Wireless: [Wireless] [Wireless Chall] [CCNA Wireless] [Wireless Theory] Voice: [Voice/QoS] [CCNA Voice] [CCVP Gateway] [CCVP Voice] Topics: [Dot1q][Dot1x][BGP][BRI][DHCP][IGRP][IGMP][OSPF][PPP][QoS][RADIUS][RIP][Subnet][SNMP][VLAN] RADIUSThe main elements of security are AAA. This allows for enhanced security for those al-lowed to log into a network, and allows certain privileges. It also logs the user events. Typically, this security is applied at the edge of a network, using a network access serv-er (NAS). This server contains a database of users and their associated passwords, and any other configuration. On routers there are three main security protocols: TACACS+, RADIUS and Kerberos. CCNP Remote Access
CCNP Switch
Wireless
PIX/ASA
CCNP ISCW
Security
Cisco Academy Network Security
CCNA Security
CCSP SRNS
ConfigurationThe main elements of security are AAA. This allows for enhanced security for those al-lowed to log into a network, and allows certain privileges. It also logs the user events. Typically, this security is applied at the edge of a network, using a network access serv-er (NAS). This server contains a database of users and their associated passwords, and any other configuration. On routers there are three main security protocols: TACACS+, RADIUS and Kerberos. On a router, AAA is enabled with: 1. Go into the privileged mode by typing enable. 2. Configure the device using by typing config t. 3. Then a model is defined with: (config)# aaa new-model 4. For TACACS+, the IP address of the TACACS+ server is specified with: (config)# tacacs-server host 192.168.0.10 5. Next the encryption key is specified with: (config)# tacacs-server key mypass 6. For RADIUS, the IP address of the RADIUS server is specified with: (config)# radius-server host 192.168.0.10 7. Next the encryption key is specified with: (config)# radius-server key mypass 8. Go back to the user executive mode with the command exit. 9. Show the main system configuration with show running-config. |