Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
188
Views
0
Helpful
1
Replies

AAA configuration for Cisco 9300

Go to solution
palani2010
Level 1
Level 1

‎08-21-2024 04:33 AM

Could you please help us to share AAA configuration for Cisco switches

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
M02@rt37
VIP
VIP

‎08-21-2024 04:43 AM

Hello @palani2010 

Take care the command tacacs server server-name has been depreciated.

The new command structure is:

aaa group server tacacs+ <Name>
 server x.x.x.x
 server y.y.y.y
ip tacacs source-interface <Interface>

All config:

aaa new-model
aaa group server tacacs+ <Name>
server <x.x.x.x>
server <y.y.y.y>
ip tacacs source-interface <Interface>
aaa authentication login default group <Name> local
aaa authentication enable default group <Name> enable
aaa authorization config-commands
aaa authorization exec default group <Name> local
aaa authorization commands 15 default group <Name> if-authenticated
aaa accounting exec default start-stop group <Name>
aaa accounting commands 1 default stop-only group <Name>
aaa accounting commands 15 default stop-only group <Name>
line vty 0 4
login authentication default
transport input ssh
line console 0
login authentication default

 

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

View solution in original post

0 Helpful
1 Reply 1

Go to solution
M02@rt37
VIP
VIP

‎08-21-2024 04:43 AM

Hello @palani2010 

Take care the command tacacs server server-name has been depreciated.

The new command structure is:

aaa group server tacacs+ <Name>
 server x.x.x.x
 server y.y.y.y
ip tacacs source-interface <Interface>

All config:

aaa new-model
aaa group server tacacs+ <Name>
server <x.x.x.x>
server <y.y.y.y>
ip tacacs source-interface <Interface>
aaa authentication login default group <Name> local
aaa authentication enable default group <Name> enable
aaa authorization config-commands
aaa authorization exec default group <Name> local
aaa authorization commands 15 default group <Name> if-authenticated
aaa accounting exec default start-stop group <Name>
aaa accounting commands 1 default stop-only group <Name>
aaa accounting commands 15 default stop-only group <Name>
line vty 0 4
login authentication default
transport input ssh
line console 0
login authentication default

 

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card