Posts from ‘Identity Management’
Join us Friday, June 25th at 11AM Pacific / 2PM Eastern for another installment in the Open Lecture Series.
The topic that will be covered is Privilege Levels and Role Based CLI.
We look forward to seeing you there. Seats are limited.
IOS Local AAA is one feature that is often overlooked for some reason. It allows turning your router into almost full-functional AAA server, allowing not only local authentication of remote VPN users but also local authorization for protocols like PPP (used with PPTP/PPPoE or dialup) or IKE (used with ezVPN). Best of all, you can use per-user attribute lists with PPP (alas, it does not seem to work with IKE). With per-user attribute-lists you can apply specific configuration policy with maximum granularity. First, here is the link from Cisco’s documentation site, just for your information:
Next, the syntax for using per-user AAA is relatively straightforward. First, you create an AAA attribute list using the command aaa attribute list: