Configuration Guide Configuring AAA
Step 1: Enable AAA.
Step 2: Configure a RADIUS or TACACS+ server in advance if remote server-group authorization needs to
be implemented. If local authorization needs to be implemented, configure the local user database
information on the NAS.
Step 3: Configure an AAA authorization method list according to different access modes and service types.
Step 4: Apply the configured method list to an interface or line. Skip this step if the default authorization
method is used.
EXEC authorization is often used with login authentication, which can be implemented on the same line.
Ruijie#configure terminal
Ruijie(config)#username user password pass
Ruijie(config)#username user privilege 6
Ruijie(config)#aaa new-model
Ruijie(config)#radius-server host 10.1.1.1
Ruijie(config)#radius-server key test
Ruijie(config)#aaa authentication login list1 group local
Ruijie(config)#aaa authorization exec list2 group radius local
Ruijie(config)#line vty 0 4
Ruijie(config-line)#login authentication list1
Ruijie(config-line)# authorization exec list2
Ruijie(config-line)#exit
Run the show run and show aaa method-list commands on the NAS to display the configuration.
Ruijie#show aaa method-list
Authentication method-list:
aaa authentication login list1 group local
Accounting method-list:
To Next Page
Loading...
Need help?
General
