topic enable aaa, ssh in catos in Network Access Control https://community.cisco.com/t5/network-access-control/enable-aaa-ssh-in-catos/m-p/1399373#M322664 <P>hi! I;m trying to configure ssh and aaa in CatOS. Anyone know what's the neccessary commands for what i'm trying to achive in the commands below? we've that in IOS but not too sure about catos. Thanks.</P><P></P><P></P><P>username admin password xxxxx<BR />aaa new-model<BR />aaa authentication login default group tacacs+ local<BR />aaa authorization exec default group tacacs+ local <BR />aaa authorization network default group tacacs+ local <BR />aaa accounting exec default start-stop group tacacs+<BR />aaa accounting commands 15 default start-stop group tacacs+</P><P>tacacs-server host 172.16.1.1 key 7 uoweuouru<BR />tacacs-server host 172.16.1.2 key 7 uoweuouru</P><P>ip dhcp snooping vlan 2-4069<BR />ip dhcp snooping</P><P>ip domain name hellodomain</P><P>crypto key generate rsa</P><P>ip ssh version 1</P><P>line vty 0 15<BR />access-class 20 out<BR />transport input ssh<BR />exit</P> Sun, 10 Mar 2019 23:55:39 GMT dkblee 2019-03-10T23:55:39Z enable aaa, ssh in catos https://community.cisco.com/t5/network-access-control/enable-aaa-ssh-in-catos/m-p/1399373#M322664 <P>hi! I;m trying to configure ssh and aaa in CatOS. Anyone know what's the neccessary commands for what i'm trying to achive in the commands below? we've that in IOS but not too sure about catos. Thanks.</P><P></P><P></P><P>username admin password xxxxx<BR />aaa new-model<BR />aaa authentication login default group tacacs+ local<BR />aaa authorization exec default group tacacs+ local <BR />aaa authorization network default group tacacs+ local <BR />aaa accounting exec default start-stop group tacacs+<BR />aaa accounting commands 15 default start-stop group tacacs+</P><P>tacacs-server host 172.16.1.1 key 7 uoweuouru<BR />tacacs-server host 172.16.1.2 key 7 uoweuouru</P><P>ip dhcp snooping vlan 2-4069<BR />ip dhcp snooping</P><P>ip domain name hellodomain</P><P>crypto key generate rsa</P><P>ip ssh version 1</P><P>line vty 0 15<BR />access-class 20 out<BR />transport input ssh<BR />exit</P> Sun, 10 Mar 2019 23:55:39 GMT https://community.cisco.com/t5/network-access-control/enable-aaa-ssh-in-catos/m-p/1399373#M322664 dkblee 2019-03-10T23:55:39Z Re: enable aaa, ssh in catos https://community.cisco.com/t5/network-access-control/enable-aaa-ssh-in-catos/m-p/1399374#M322670 <HTML><HEAD></HEAD><BODY><DIV class="jive-rendered-content"><PRE __jive_macro_name="quote" class="jive_text_macro jive_macro_quote"><P>hi! I;m trying to configure ssh and aaa in CatOS. Anyone know what's the neccessary commands for what i'm trying to achive in the commands below? we've that in IOS but not too sure about catos. Thanks.</P><P></P><P></P><P>username admin password xxxxx<BR />aaa new-model<BR />aaa authentication login default group tacacs+ local<BR />aaa authorization exec default group tacacs+ local <BR />aaa authorization network default group tacacs+ local <BR />aaa accounting exec default start-stop group tacacs+<BR />aaa accounting commands 15 default start-stop group tacacs+</P><P>tacacs-server host 172.16.1.1 key 7 uoweuouru<BR />tacacs-server host 172.16.1.2 key 7 uoweuouru</P><P>ip dhcp snooping vlan 2-4069<BR />ip dhcp snooping</P><P>ip domain name hellodomain</P><P>crypto key generate rsa</P><P>ip ssh version 1</P><P>line vty 0 15<BR />access-class 20 out<BR />transport input ssh<BR />exit</P></PRE></DIV><P></P><P>Hi,</P><P></P><P>As per the configuration you have configured access-class out which means <SPAN class="content">" Restricts outgoing connections between a particular Cisco device and the addresses in the access list."</SPAN></P><P></P><P><SPAN class="content"></SPAN></P><P class="pB1_Body1">The following example defines an access list that permits only hosts on network 192.89.55.0 to connect to the virtual terminal ports on the router:</P><A name="wp1017429"></A><DIV class="pEx1_Example1"><PRE><BR />access-list 12 permit 192.89.55.0&nbsp; 0.0.0.255<BR /></PRE></DIV><A name="wp1017430"></A><DIV class="pEx1_Example1"><PRE> line 1 5<BR /></PRE></DIV><A name="wp1017431"></A><DIV class="pEx1_Example1"><PRE> access-class 12 in</PRE></DIV><P></P><P></P><P>I would suggest configure <STRONG>access-class in&nbsp; </STRONG>then check you are able to login into cisco devices.</P><P></P><P>Hope that help</P><P></P><P>If helpful do rate the post</P><P></P><P>Ganesh.H</P></BODY></HTML> Wed, 03 Feb 2010 08:20:02 GMT https://community.cisco.com/t5/network-access-control/enable-aaa-ssh-in-catos/m-p/1399374#M322670 Ganesh Hariharan 2010-02-03T08:20:02Z