Cisco AAA Implementation Case Study
Appendix B: AAA Impact on Maintenance Tasks
-
Cisco AAA Implementation Case Study
-
Preface
-
Cisco AAA Case Study Overview
-
Implementing the Local AAA Subsystem
-
Implementing Cisco AAA Servers
-
Implementing the Server-Based AAA Subsystem
-
Implementing Server-Based AAA Accounting
-
Diagnosing and Troubleshooting AAA Operations
-
Appendix A: AAA Device Configuration Listings
-
Appendix B: AAA Impact on Maintenance Tasks
-
Appendix C: Server-based AAA Verification Debug Output
-
Index
-
Download this chapter
Download the complete book
Feedback
Table Of Contents
AAA Impact on Maintenance Tasks
AAA Impact on Maintenance Tasks
Most BootFlash images do not recognize all Cisco IOS aaa commands. As a result, invoking a BootFlash image can lead to a password recovery situation unless the Cisco IOS fragments listed in this appendix are used to disable AAA. One example of a situation requiring the inclusion of this configuration is a software image upgrade for a Cisco AS5200 access server.
Include the following Cisco IOS commands to disable AAA authentication and authorization on the console and VTY ports of a NAS:
aaa authentication login NO_AUTHENT noneaaa authorization exec NO_AUTHOR noneaaa authorization commands 15 NO_AUTHOR noneline con 0authorization exec NO_AUTHORlogin authentication NO_AUTHENTauthorization commands 15 NO_AUTHORline vty 0 4authorization commands 15 NO_AUTHORauthorization exec NO_AUTHORlogin authentication NO_AUTHENT
Note
Refer to "4.6 Implementing Server-Based TACACS+ Router Authorization" for related implementation information.
