Figure 5-18 shows how to create a new policy called radius_local that
will use group radius as the ?¬?rst authentication method. Note that there are several
authentication methods that are available.
Figure 5-18 Creating a Logging Authentication Policy??”Group Radius
Figure 5-19 shows the addition of the local method as a second, backup authentication
method in case RADIUS fails.
136 Con?¬?guring AAA on Cisco Routers Using SDM
Figure 5-19 Creating a Logging Authentication Policy??”Local
Now you need to create (or modify) an authorization policy. In the Additional Tasks
window (see Figure 5-14), under AAA, expand Authorization Policies. You can either edit
an existing policy, by highlighting it and selecting the Edit button in the upper-right corner,
or create a new policy, by clicking the Add button. When AAA is enabled, a default
authorization policy is created, called default. Figure 5-20 shows the creation of a
new authorization policy called radius_local, which will use group radius as the ?¬?rst
method for authorization, and local as the second, or backup method.
Figure 5-20 Creating a Logging Authorization Policy
Con?¬?guring AAA on Cisco Routers Using SDM 137
After creating local authentication in the AAA con?¬?guration on the router, you need to add
user accounts to the local database.
Pages:
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125