https://community.cisco.com/t5/network-access-control/aaa-on-terminal-server/m-p/896820#M407900 <HTML><HEAD></HEAD><BODY><P>You have to enable AAA on both the Terminal</P><P>Server TTY line and the networking devices</P><P>console port that connected to the Terminal</P><P>Server.</P><P></P><P>CCIE security</P></BODY></HTML> Mon, 28 Jan 2008 20:27:08 GMT cisco24x7 2008-01-28T20:27:08Z https://community.cisco.com/t5/network-access-control/aaa-on-terminal-server/m-p/896818#M407892 <P>Hi,</P><P></P><P>I have enabled TACACS+ authentication and authorization for my networking devices. </P><P></P><P>I can also access these devices through my terminal server (cisco router). Telnet Access to the terminal server itself is authenticated with ACS.</P><P></P><P>My problem is that after a user logs on to the terminal server, the user is able to logon to other networking devices without having to provide the credentials. How do I make it mandatory for a user to provide TACACS+ credentials for devices connected to the terminal server?</P><P></P><P>I have enabled AAA for console and VTY access on the terminal server and the devices. </P><P></P><P>Regards,</P><P>Suresh</P> Sun, 10 Mar 2019 22:36:57 GMT https://community.cisco.com/t5/network-access-control/aaa-on-terminal-server/m-p/896818#M407892 sureshkrishnan 2019-03-10T22:36:57Z https://community.cisco.com/t5/network-access-control/aaa-on-terminal-server/m-p/896819#M407896 <HTML><HEAD></HEAD><BODY><P>The authentication, authorization, and accounting (AAA) mechanism verifies the identity of, grants access to, and tracks the actions of users managing a switch. All Cisco MDS 9000 Family switches use Remote Access Dial-In User Service (RADIUS) and Terminal Access Controller Access Control System Plus (TACACS+) protocols to provide solutions using remote AAA servers. </P><P></P><P>Based on the user ID and password combination provided, switches perform local authentication or authorization using the local database or remote authentication or authorization using AAA server(s). A preshared secret key provides security for communication between the switch and AAA servers. This secret key can be configured for all AAA server or for only a specific AAA server. This security mechanism provides a central management capability for AAA servers. </P><P></P><P>Refer to Configuring RADIUS and TACACS+ for more information</P><P><A class="jive-link-custom" href="http://www.cisco.com/en/US/docs/storage/san_switches/mds9000/sw/rel_2_x/san-os/configuration/guide/cradtac.html" target="_blank">http://www.cisco.com/en/US/docs/storage/san_switches/mds9000/sw/rel_2_x/san-os/configuration/guide/cradtac.html</A></P></BODY></HTML> Mon, 28 Jan 2008 19:38:13 GMT https://community.cisco.com/t5/network-access-control/aaa-on-terminal-server/m-p/896819#M407896 jbayuka 2008-01-28T19:38:13Z https://community.cisco.com/t5/network-access-control/aaa-on-terminal-server/m-p/896820#M407900 <HTML><HEAD></HEAD><BODY><P>You have to enable AAA on both the Terminal</P><P>Server TTY line and the networking devices</P><P>console port that connected to the Terminal</P><P>Server.</P><P></P><P>CCIE security</P></BODY></HTML> Mon, 28 Jan 2008 20:27:08 GMT https://community.cisco.com/t5/network-access-control/aaa-on-terminal-server/m-p/896820#M407900 cisco24x7 2008-01-28T20:27:08Z