Cisco secure access control system configuration
- #CISCO SECURE ACCESS CONTROL SYSTEM CONFIGURATION HOW TO#
- #CISCO SECURE ACCESS CONTROL SYSTEM CONFIGURATION SOFTWARE#
- #CISCO SECURE ACCESS CONTROL SYSTEM CONFIGURATION SERIES#
cisco-support: Cisco support personnel tasks.These predefined task groups are available for administrators to use, typically for initial configuration: Use these command to check the predefined user groups: RP/0/RSP1/CPU0:ASR9k#show aaa usergroup ? The root-system user group has predefined authorization that is, it has the complete responsibility for root-system user-managed resources and certain responsibilities in other services. Perform service administration tasks, such as Session Border Controller (SBC). Perform system administration tasks for the router, such as maintaining where the core dumps are stored or setting up the Network Time Protocol (NTP) clock. Perform day-to-day monitoring activities, and have limited configuration rights.ĭisplay and execute all commands within a single RP.ĭisplay and execute all commands for all RPs in the system. These user groups are predefined on IOS XR: User Groupĭebug and troubleshoot features (usually, used by Cisco Technical Support personnel).Ĭonfigure network protocols such as Open Shortest Path First (OSPF) (usually used by network administrators). The administrator can either use these predefined groups or define custom groups as per the requirement. There are predefined user groups and task groups in IOS XR. Configuration Predefined Components on IOS XR If your network is live, make sure that you understand the potential impact of any configuration change.
All of the devices used in this document started with a cleared (default) configuration. The information in this document was created from devices in a specific lab environment. ASR 9000 with Cisco IOS XR Software, Version 4.3.4.
#CISCO SECURE ACCESS CONTROL SYSTEM CONFIGURATION SOFTWARE#
The information in this document is based on these software and hardware versions: ASR 9000 deployment and basic configuration.Prerequisites RequirementsĬisco recommends that you have knowledge of these topics: Accounting commands are used for logging of sessions and to create an audit trail by recording certain user- or system-generated actions. Authorization commands are used to verify that an authenticated user (or principal) is granted permission to perform a specific task. Authentication commands are used to verify the identity of a user or principal. User groups and task groups are configured through the Cisco IOS XR software command set used for Authentication, Authorization and Accounting (AAA) services.
#CISCO SECURE ACCESS CONTROL SYSTEM CONFIGURATION HOW TO#
The major tasks required to implement task-based authorization involves how to configure user groups and task groups. This examples the implementation of the administrative model of task-based authorization used to control user access in the Cisco IOS XR software system.
#CISCO SECURE ACCESS CONTROL SYSTEM CONFIGURATION SERIES#
This document describes the configuration of ASR 9000 series Aggregation Services Router (ASR) to authenticate and authorize via TACACS+ with Cisco Secure Access Control Server (ACS) 5.x server.