Cisco AAA Implementation Case Study
Appendix B: AAA Impact on Maintenance Tasks
Downloads: This chapterpdf (PDF - 100.0KB) The complete bookPDF (PDF - 1.74MB) | Feedback

AAA Impact on Maintenance Tasks

Table Of Contents

AAA Impact on Maintenance Tasks


AAA Impact on Maintenance Tasks


Most BootFlash images do not recognize all Cisco IOS aaa commands. As a result, invoking a BootFlash image can lead to a password recovery situation unless the Cisco IOS fragments listed in this appendix are used to disable AAA. One example of a situation requiring the inclusion of this configuration is a software image upgrade for a Cisco AS5200 access server.

Include the following Cisco IOS commands to disable AAA authentication and authorization on the console and VTY ports of a NAS:

aaa authentication login NO_AUTHENT none
aaa authorization exec NO_AUTHOR none
aaa authorization commands 15 NO_AUTHOR none 
 
line con 0
 authorization exec NO_AUTHOR
 login authentication NO_AUTHENT
 authorization commands 15 NO_AUTHOR

line vty 0 4
 authorization commands 15 NO_AUTHOR
 authorization exec NO_AUTHOR
 login authentication NO_AUTHENT

Note Refer to "4.6 Implementing Server-Based TACACS+ Router Authorization" for related implementation information.