What is AAA on Cisco IOS? Authentication, Authorization, and Accounting also know as AAA. You can configure your Cisco router to use AAA for user authentication, authorization, and accounting. Usually the AAA is used with external servers running the TACACS+, TACACS, or RADIUS protocol. In this example we are using external server running with TACACS+ protocol. After AAA implementation we don’t require separate password for Telnet, Http, Https, SSH, Console…Etc. All login attempts will be authenticated using the same credential by TACACS+ server and it also provides increased flexibility, control, scalability and multiple backup systems. AAA Configuration steps on Cisco Router to authenticate with external TACACS+ Server: 1. Turn-on AAA on the Router using ‘aaa new-model’ command and specify the TACACS+ server and secret key Cisco-Router(config)#aaa new-model Cisco-Router(config)#tacacs-server host 10.9.0.67 Cisco-Router(config)#tacacs-server host 10.90.0.67 Cisco-Router(config)#tacacs-server key <tacacs-server-key> Please note that the tacacs key must be the same as the secret tacacs key […]
In this post we will describe the configuration of TACACS+ server to run on windows environment. We will use Cisco’s original free TACACS+ server for windows with 4.0.4 version of tac_plus. NOTE: None of the TACACS+ code available for Windows here comes with any warranty or support. The following step by step configuration is. 1. First download the Cisco Tacacs+ server for Windows from here 2. Unzip the contents of the file to a directory of your choice Unzip the folder to C:tacacs. 3. Edit the tac.cfg configuration file or create a new one. To edit/create the configuration file use UNIX file friendly editor. NOTE: Use EditPlus for editing tac.cfg instead of notepad or WordPad.