Table of Contents
Advertisement
Chapter 27
Configuring Switch Access Using AAA
Configuring Authorization
These sections describe how to configure authorization:
•
•
•
Authorization Default Configuration
Table 27-4
Table 27-4 Default Authorization Configuration
Feature
TACACS+ login authorization (console and Telnet)
TACACS+ EXECauthorization (console and Telnet)
TACACS+ enable authorization (console and Telnet)
TACACS+ commands authorization (console and Telnet)
TACACS+ Authorization Configuration Guidelines
These guidelines apply when configuring authorization on the switch:
•
•
•
•
•
Configuring TACACS+ Authorization
These sections describe how to configure TACACS+ authorization on the switch.
•
•
78-12647-02
Authorization Default Configuration, page 27-51
TACACS+ Authorization Configuration Guidelines, page 27-51
Configuring TACACS+ Authorization, page 27-51
shows the default authorization configuration.
TACACS+ authorization is disabled by default.
Authorization configuration applies to console connections, Telnet connections, or both types of
connections.
You must specify the mode, primary option, fallback option, and connection type when enabling
authorization.
Configure RADIUS and TACACS+ servers before enabling authorization. See the
TACACS+ Servers" section on page 27-17
page 27-23
for more information on server setup.
Configure RADIUS and TACACS+ keys to encrypt protocol packets before enabling authorization.
See the
"Specifying the TACACS+ Key" section on page 27-19
Key" section on page 27-25
Enabling TACACS+ Authorization, page 27-52
Disabling TACACS+ Authorization, page 27-53
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
or the
"Specifying RADIUS Servers" section on
for more information on the key setup.
Configuring Authorization
Default Value
Disabled
Disabled
Disabled
Disabled
or the
"Specifying the RADIUS
"Specifying
27-51
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
