requirements:
- r4 to authenticate R5 against the RADIUS server IP 155.1.146.100
-r5 to authenticate r4 against the tacacs+ server IP 155.1.146.200
- if both remote servers fail r4 and r5 should use local user db for authentication.
- use cisco to authenticate the remote servers.
- dont use global commands to define the radius server in r4.
fyi: r4 authenticates r5 using ppp and chap. r5 authenticates r4 using pap only.
R4:
aaa new-model
!
!
aaa group server radius MYRADIUS
server-private 155.1.146.100 auth-port 1645 acct-port 1646 key CISCO
!
aaa authentication login CONSOLE none
aaa authentication ppp PPPAUTH group MYRADIUS local
!
interface Serial0/1
ppp authentication pap chap PPPAUTH
!
line con 0
login authentication CONSOLE
R5
aaa new-model
!
!
aaa authentication login CONSOLE none
aaa authentication ppp default group tacacs+ local
!
tacacs-server host 155.1.146.200 key CISCO
!
line con 0
login authentication CONSOLE
VIRTUALRACK for Network Engineers... This blog is all about networking technologies that drives the human network today... Welcome to the Human Network!!
No comments:
Post a Comment