Configuration of Basic Local Password Authentication
Procedure |
Commands |
Description |
---|---|---|
Step 1 | enable | This command is used to enter the privileged EXEC mode. |
Step 2 | configure terminal | This command is used to enter the Global Configuration Mode. |
Step 3 | aaa new-model | This command is used to enable Authentication, Authorization, Accounting (AAA) globally on the device. (Without this command other AAA commands cannot be executed). |
Step 4 | aaa authentication login default local | This command creates a default local authentication list in the database. |
Step 5 | line <aux|vty|console> <line-number> <ending-line-number> | This command is used to enter the Line configuration mode (auxiliary, or console) for the lines to which the created authentication list should be applied. |
Step 6 | login authentication default | This command is used to apply the created authentication list to the line or set of lines. |
Step 7 | exit | This command is used to exit the Global Configuration Mode. |
Step 8 | username <name> password <password> | This command creates a user-id for which ypou will be able to log in, locally. (The admin has to make this entry for every user who wants to access the network according to their privilege level). |
Router> enable Router# configure terminal Router(config)# aaa new-model Router(config)# aaa authentication login default local Router(config)# line vty 0 4 Router(config-line)# login authentication default Router(config-line)# exit Router(config)#username admin password Cisco@123
Step 1: Basic IP configuration on both Routers:
Step 2: Configuration Local Authentication on R1:
Step 3: Verifying Authentication:
As you can see, Authentication has been set on the initial console login for the user we have previously created.
Step 4: Verifying Authentication using telnet from R2:
As you can see, Authentication has also been set for a telnet service on R1 when it is accessed from R2, and it requires the credentials from the user to gain access to that particular service.
Configuring Basic Password Authentication in Cisco
The Access Control Passwords are generally used to restrict access to a certain network server along with its services for a specified group of users (hosts). The Authentication, Authorization, and Accounting (AAA) network services provide the framework or platform through which one can set up Access Control over their router or network server along with its services.