https://community.cisco.com/t5/network-access-control/aaa-on-switches-vs-routers-on-cisco-ios/m-p/514393#M427190 <HTML><HEAD></HEAD><BODY><P>Welcome <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span></P><P></P><P>Please rate this post if it helped <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span></P></BODY></HTML> Sat, 20 May 2006 20:06:31 GMT premdeep.banga 2006-05-20T20:06:31Z https://community.cisco.com/t5/network-access-control/aaa-on-switches-vs-routers-on-cisco-ios/m-p/514390#M427187 <P>I have AAA with TACACS+ configured on a router in this manner:</P><P>aaa authentication login default group tacacs+ local-case enable</P><P>aaa authentication enable default group tacacs+ enable</P><P></P><P>Can I enter the same configuration on a switch(switches in general)?</P><P></P><P>What about accounting? can I have the same accounting configured on the router and switch?</P><P></P><P>for the switch do I need to enable accounting services to the console line?</P><P>example:</P><P>line con 0</P><P>accounting commands 15 default</P><P>accounting exec default</P><P></P><P>so in the router Ihave accounting configured but not applied to any interfaces eg) console, vty.... once accounting is enabled on the router it is automatically applied to all interfaces if I am using the default method list? and is that true for switches?</P><P></P><P></P><P></P><P></P> Sun, 10 Mar 2019 21:35:34 GMT https://community.cisco.com/t5/network-access-control/aaa-on-switches-vs-routers-on-cisco-ios/m-p/514390#M427187 nathan 2019-03-10T21:35:34Z https://community.cisco.com/t5/network-access-control/aaa-on-switches-vs-routers-on-cisco-ios/m-p/514391#M427188 <HTML><HEAD></HEAD><BODY><P>Hi Nathan,</P><P></P><P>Be it Router/Switch, AAA commands work for both same way.</P><P></P><P>And you are correct 'default' list means that it will be applied on all interface, on routers as well as on switch. Also you dont have to explicitly specify it like :</P><P></P><P>line con 0</P><P>accounting commands 15 default</P><P>accounting exec default</P><P></P><P>There's no need, beacuse you are again telling it to look for 'default' accounting list, which if we have already configured will look for the same.</P><P></P><P>Terefore only commands that you need to specify is :</P><P></P><P>aaa accouting commands 0 default start-stop group tacacs+</P><P>aaa accouting commands 1 default start-stop group tacacs+</P><P>aaa accouting commands 15 default start-stop group tacacs+</P><P></P><P>As by default we have commands on three privilege levels on IOS devices. Level 0,1, and 15.</P><P></P><P>Hope it helps <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span></P></BODY></HTML> Sat, 20 May 2006 07:25:35 GMT https://community.cisco.com/t5/network-access-control/aaa-on-switches-vs-routers-on-cisco-ios/m-p/514391#M427188 premdeep.banga 2006-05-20T07:25:35Z https://community.cisco.com/t5/network-access-control/aaa-on-switches-vs-routers-on-cisco-ios/m-p/514392#M427189 <HTML><HEAD></HEAD><BODY><P>yes this helps, I wasnt sure, just needed a confirmation....with out looking through volumes of material.</P><P></P><P>thanks</P></BODY></HTML> Sat, 20 May 2006 18:55:40 GMT https://community.cisco.com/t5/network-access-control/aaa-on-switches-vs-routers-on-cisco-ios/m-p/514392#M427189 nathan 2006-05-20T18:55:40Z https://community.cisco.com/t5/network-access-control/aaa-on-switches-vs-routers-on-cisco-ios/m-p/514393#M427190 <HTML><HEAD></HEAD><BODY><P>Welcome <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span></P><P></P><P>Please rate this post if it helped <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span></P></BODY></HTML> Sat, 20 May 2006 20:06:31 GMT https://community.cisco.com/t5/network-access-control/aaa-on-switches-vs-routers-on-cisco-ios/m-p/514393#M427190 premdeep.banga 2006-05-20T20:06:31Z