Professional Documents
Culture Documents
Autorizacin y Registro de
Auditoria
Password: cisco
Password: cisco1
Internet Password: cisco12
% Bad passwords
Accounting
What did you spend it on?
Router(config)#
aaa local authentication attempts max-fail [number-of-unsuccessful-attempts]
Keyword Description
number-of-unsuccessful- Number of unsuccessful authentication attempts before a
attempts connection is dropped.
R1# conf t
R1(config)# username alex secret Str0ngPa55w0rd
R1(config)# username julio secret Str0ng5rPa55w0rd
R1(config)# aaa new-model
R1(config)# aaa authentication login default local-case enable
R1(config)# aaa authentication login TELNET-LOGIN local-case
R1(config)# line vty 0 4
R1(config-line)# login authentication TELNET-LOGIN
ALEX ALEX
Password prompt?
Accept/Reject
Access-Request
Username:? (ALEX, Str0ngPa55w0rd)
ALEX Access-Accept
Password:?
Str0ngPa55w0rd
Product Cisco Secure ACS est disponible en tres opciones: Cisco Secure ACS Solution Engine,
flexibility Cisco Secure ACS Express y Cisco Secure ACS para Windows.
Integration Estrecho acoplamiento con los routers Cisco IOS y soluciones VPN.
Cisco Secure ACS ofrece soporte de servidor token para cualquier proveedor de contrasea
Third-party
de un solo uso (OTP) que proporciona una interfaz RADIUS compatible con RFC, como
support
RSA, PassGo, Secure Computing, ActiveCard, Vasco, o CryptoCard.
Proporciona cuotas dinmicas para restringir el acceso segn la hora del da, el uso de la
Control
red, el nmero de sesiones registradas, y el da de la semana.
R1
192.168.1.101
Parameter Description
R1
Display show
Accept
version output
Do not permit
Reject
configure terminal
R1# conf t
R1(config)# username JR-ADMIN secret Str0ngPa55w0rd
R1(config)# username ADMIN secret Str0ng5rPa55w0rd
R1(config)# aaa new-model
R1(config)# aaa authentication login default group tacacs+
R1(config)# aaa authentication login TELNET-LOGIN local-case
R1(config)# aaa authorization exec default group tacacs+
R1(config)# aaa authorization network default group tacacs+
R1(config)# line vty 0 4
R1(config-line)# login authentication TELNET-LOGIN
R1(config-line)# ^Z
line vty 0 4
authorization commands 15 VTY
authorization exec VTY
accounting commands 1 VTY
accounting commands 7 VTY
accounting commands 15 VTY
accounting exec VTY
login authentication VTY