Re: What is the difference between Login authentication using AA

jared.j01 · ‎08-28-2013

Hello,

I am currently studying my CCNA and I am curious as to what is the difference between configuring the below 2 options, which seem to achieve the same outcome to me.

1).

Router(config)#username user1 password pass1

Router(config)#line vty 0 15

Router(config-line)login local

Or

2).

Router(config)#username user1 password pass1

Router(config)#aaa new-model

Router(config)#aaa authentication login LOCAL_AUTH local

Router(config)#line vty 0 15

Router(config-line)#login authentication LOCAL_AUTH

Thanks for your replies

Karsten Iwen · ‎08-28-2013

When only looking at the authentication as you have configured it, you are right. Both do the same thing. But when you activate aaa new-model, you have plenty more options to control how your complete AAA is working. Most important, you can send the authentication to an external Authentication-server with RADIUS or TACACS+ or you can do Authorization where the external server controls what you are allowed to do after you have authenticated.

--
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

jared.j01 · ‎08-29-2013

Thank you very much for your reply.

Whilst I do not know much about AAA at the moment, it makes sense now.

What is the difference between Login authentication using AAA and Login Local

WLC cloud 17.6.5, Local Web Authentication, problems login

eXR:新コマンド 'display-login-failed-users' について

[Intersight] "Login credentials are incorrect" による vCenter 接続断時の対処について

IOS-XE/XE SD-WAN: system shell login について

AnyConnect (Windows) 接続時のエラー (Login denied)