Verifying local aaa security configuration – Cisco 1604 User Manual

3-6

Cisco IOS Dial Services Quick Configuration Guide

Chapter 3

Configuring the Cisco 1604 Router

Verifying Local AAA Security Configuration

To configure local AAA security on the Cisco 1604, enter the following commands beginning in global
configuration mode:

Step 1

Create a local username for yourself. Make sure to change “joe-admin” to your own username and
“joe-password” to your own password. This step prevents you from getting locked out of the router
when you enable AAA.

robo-austin(config)# username joe-admin password joe-password

Step 2

Enable AAA access control. This step immediately enables login and PPP authentication.

robo-austin(config)# aaa new-model

Step 3

Configure AAA to perform login authentication by using the local username database. The login
keyword indicates authentication of EXEC (shell) users.

robo-austin(config)# aaa authentication login default local

Step 4

Configure PPP authentication to use the local database if the session was not already authenticated by
login.

robo-austin(config)# aaa authentication ppp default local

Note

After you finish setting up basic security, you can enhance the security solution by
extending it to an external TACACS+ or RADIUS server. However, this case study
describes only local AAA security.

Verifying Local AAA Security Configuration

To verify the local AAA security configuration on the Cisco 1604:

Step 1

Log in with your username:password.

Step 2

Enter the login command at the EXEC (shell) prompt. Do not disconnect your EXEC session until you
can log in successfully. (If you get locked out, recover your password by rebooting the router.)

robo-austin# login

User Access Verification

Username: joe-admin

Password:

robo-austin#