08-28-2013 04:14 AM
Hello,
I am currently studying my CCNA and I am curious as to what is the difference between configuring the below 2 options, which seem to achieve the same outcome to me.
1).
Router(config)#username user1 password pass1
Router(config)#line vty 0 15
Router(config-line)login local
Or
2).
Router(config)#username user1 password pass1
Router(config)#aaa new-model
Router(config)#aaa authentication login LOCAL_AUTH local
Router(config)#line vty 0 15
Router(config-line)#login authentication LOCAL_AUTH
Thanks for your replies
08-28-2013 04:17 AM
When only looking at the authentication as you have configured it, you are right. Both do the same thing. But when you activate aaa new-model, you have plenty more options to control how your complete AAA is working. Most important, you can send the authentication to an external Authentication-server with RADIUS or TACACS+ or you can do Authorization where the external server controls what you are allowed to do after you have authenticated.
--
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni
08-29-2013 05:36 AM
Thank you very much for your reply.
Whilst I do not know much about AAA at the moment, it makes sense now.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide