#vir telnet 10.1.1.1 (一般使用global地址) #access-list auth permit tcp any any eq http #access-list auth permit tcp any any eq telnet //http和telnet協議捆綁抓流量 #aaa-server 3a protocol tacacst+ #aaa-server 3a host 20.1.1.241 //20.1.1.241

#vir telnet 10.1.1.1 (一般使用global地址)

#access-list auth permit tcp any any eq http
#access-list auth permit tcp any any eq telnet //http和telnet協議捆綁抓流量
#aaa-server 3a protocol tacacst+
#aaa-server 3a host 20.1.1.241 //20.1.1.241是aaa服務器
#key cisco
#exit
#test aaa-server authentication 3a host 20.1.1.241 username pixaaa password cisco //驗證3a上的用戶名和密碼
#aaa authentication auth inside 3a //調用"auth"流量做3a驗證

#show uauth

授權：
#access-list auth permit icmp any any
#aaa authorization match auth inside 3a //抓取"auth"這個acl做授權

查看原文：http://www.laogebo.com/archives/335.html

老胳膊BLOG

聲明：本網頁內容旨在傳播知識，若有侵權等問題請及時與本網聯系，我們將在第一時間刪除處理。TEL:177 7030 7066 E-MAIL:11247931@qq.com