{"id":500,"date":"2008-12-26T23:55:06","date_gmt":"2008-12-26T15:55:06","guid":{"rendered":"https:\/\/blog.ychsiao.org\/?p=500"},"modified":"2018-03-21T20:24:52","modified_gmt":"2018-03-21T12:24:52","slug":"cisco-switchrouter-aaa-part-1","status":"publish","type":"post","link":"https:\/\/blog.ychsiao.org\/?p=500","title":{"rendered":"Cisco Switch\/Router AAA &#8211; Part 1"},"content":{"rendered":"<p>\u56e0\u70ba\u67d0<a href=\"http:\/\/en.wikipedia.org\/wiki\/ISO_27001\">\u4e9bISO27001<\/a>\u9700\u6c42\uff0c<!--more-->\u9700\u8981\u5c07\u6240\u6709\u7db2\u8def\u8a2d\u5099\u505a\u55ae\u4e00\u5e33\u865f\u63a7\u7ba1\u3002\u76ee\u524d\u662f\u9078\u7528<a href=\"http:\/\/www.cisco.com\/en\/US\/products\/sw\/secursw\/ps2086\/index.html\">Cisco ACS<\/a>\u4f5c\u70ba<a href=\"http:\/\/www.cisco.com\/warp\/public\/614\/7.html\">TACACS+<\/a>,<a href=\"http:\/\/en.wikipedia.org\/wiki\/Radius\">RADIUS<\/a>Server\u3002<br \/>\nServer\u8a2d\u5b9a\u90e8\u5206\u4e4b\u5f8c\u518d\u88dc\uff0c\u5148\u4f86\u8a2d\u5b9aCisco\u8a2d\u5099\u4e0a\u9762\u7684\u8a2d\u5b9a\u3002<\/p>\n<p>\u9700\u6c42:\u7ba1\u7406\u8005\u767b\u5165\u6642\u9700\u8981\u8f38\u5165<a href=\"http:\/\/www.cisco.com\/en\/US\/products\/sw\/secursw\/ps2086\/index.html\">Cisco ACS<\/a>\u5167\u7684\u5e33\u865f\u5bc6\u78bc\uff0c\u82e5ACS\u7121\u6cd5\u9023\u7dda\uff0c\u4f7f\u7528\u5167\u5efa\u7684\u5bc6\u78bc\u3002Enable\u7684\u5bc6\u78bc\u9084\u662f\u5b58\u5728\u8a2d\u5099\u4e0a\u9762\u3002\u6240\u6709\u6307\u4ee4\u9700\u8981\u5b58\u5230<a href=\"http:\/\/www.cisco.com\/en\/US\/products\/sw\/secursw\/ps2086\/index.html\">Cisco ACS<\/a>\u4e0a\u9762\u505a<a href=\"http:\/\/en.wikipedia.org\/wiki\/AAA\">AAA<\/a>\u7684Accounting\u3002<\/p>\n<p>\u8a2d\u5b9a\u5982\u4e0b:<\/p>\n<blockquote><p>aaa new-model<br \/>\naaa authentication login router_admin group tacacs+ line enable<br \/>\naaa authorization exec router_admin if-authenticated<br \/>\naaa accounting exec default start-stop group tacacs+<br \/>\naaa accounting commands 15 default start-stop group tacacs+<\/p>\n<p>tacacs-server host 192.168.1.1<br \/>\ntacacs-server directed-request<br \/>\ntacacs-server key 1234<\/p>\n<p>line vty 0 4<br \/>\n password blah<br \/>\n login authentication router_admin\n<\/p><\/blockquote>\n","protected":false},"excerpt":{"rendered":"<p>\u56e0\u70ba\u67d0\u4e9bISO27001\u9700\u6c42\uff0c<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_exactmetrics_skip_tracking":false,"_exactmetrics_sitenote_active":false,"_exactmetrics_sitenote_note":"","_exactmetrics_sitenote_category":0,"footnotes":""},"categories":[1],"tags":[52,51,48,49,50],"class_list":["post-500","post","type-post","status-publish","format-standard","hentry","category-general","tag-aaa","tag-acs","tag-cisco","tag-iso27001","tag-tacacs"],"_links":{"self":[{"href":"https:\/\/blog.ychsiao.org\/index.php?rest_route=\/wp\/v2\/posts\/500","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.ychsiao.org\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.ychsiao.org\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.ychsiao.org\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.ychsiao.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=500"}],"version-history":[{"count":2,"href":"https:\/\/blog.ychsiao.org\/index.php?rest_route=\/wp\/v2\/posts\/500\/revisions"}],"predecessor-version":[{"id":895,"href":"https:\/\/blog.ychsiao.org\/index.php?rest_route=\/wp\/v2\/posts\/500\/revisions\/895"}],"wp:attachment":[{"href":"https:\/\/blog.ychsiao.org\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=500"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.ychsiao.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=500"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.ychsiao.org\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=500"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}