3-4
Cisco AS5350 and Cisco AS5400 Universal Gateway Software Configuration Guide
OL-3418-02 B0
Chapter 3
Basic Configuration Using the Command-Line Interface
Configuring Local AAA Security
•
Exit global configuration mode and attempt to login using the new enable secret password. The
show privilege command shows the current security privilege level.
AS5400# exit
AS5400 con0 is now available
Press RETURN to get started.
AS5400> enable
Password:
AS5400# show privilege
Current privilege level is 15
AS5400#
Configuring Local AAA Security
Configure authentication, authorization, and accounting (AAA) to perform login authentication by using
the local username database. The login keyword authenticates EXEC shell users. Additionally, configure
PPP authentication to use the local database if the session was not already authenticated by login.
AAA (called triple A) is the Cisco IOS security model used on all Cisco devices. AAA provides the
primary framework through which you set up access control on the Cisco AS5350 or Cisco AS5400.
The same authentication method is used on all interfaces. AAA is set up to use the local database
configured on the gateway. This local database is created with the username configuration commands.
Step 1
Create a local login username database in global configuration mode. In this example, the administrator's
username is admin. The remote client’s login username is Harry.
AS5400(config)# username admin password adminpasshere
AS5400(config)# username Harry password Harrypasshere
Caution
This step also prevents you from getting locked out of the gateway. If you get locked out, you must reboot
the device and perform password recovery.
Step 2
Configure local AAA security in global configuration mode. You must enter the aaa new-model
command before the other two authentication commands.
AS5400(config)# aaa new-model
AS5400(config)# aaa authentication login default local
AS5400(config)# aaa authentication ppp default if-needed local
Table 3-1
explains the previous configuration example.
Table 3-1
Local AAA Commands
Command
Purpose
AS5400(config)# aaa new-model
Initiates the AAA access control system. This
command immediately locks down login and PPP
authentication.