Jump to content

Search the Community

Showing results for tags 'aaa'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • ANNOUNCEMENTS
    • ANNOUNCEMENTS
  • CERTIFICATION - - - - - NO REQUESTS IN THESE FORUMS - - - - -
    • CISCO SYSTEMS
    • COMPTIA
    • LINUX
    • MICROSOFT
    • ORACLE
    • PROJECT MANAGEMENT
    • SECURITY CERTIFICATIONS
    • SUN MICROSYSTEMS
    • WIRELESS
    • OTHER CERTIFICATIONS
  • CISCO TECHNICAL SECTION
    • CISCO LABS
    • GNS3
    • NETWORK INFRASTRUCTURE
    • SECURITY
    • WIRELESS
    • SERVICE PROVIDERS
    • COLLABORATION, VOICE AND VIDEO
    • DATA CENTER
    • SMALL BUSINESS
  • MICROSOFT TECHNICAL SECTION
  • OTHER TECHNICAL SECTION
  • TRAINING OFFERS & REQUESTS
  • CERTCOLLECTION MALL
  • GENERAL FORUMS
  • COMMUNITY CENTER

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests

Found 5 results

  1. sallywally

    AAA Server

    Guys, Any recommendation for AAA to control access to routers and switches? I've read about cisco ACS but what else is there? We have a multi-vendor environment composed of cisco,juniper,brocade as well as extreme. Thank you.
  2. Hi please share ISE-2.0.0.306-virtual-SNS3415.ova
  3. I would like to deploy ISE 1.3 for some training, I got the trial but its is expiring and it doesn't allow to take backup or do a restore. I heard there is a NFR image that is available only to authorized partner, and that this image is valid for one year. can someone please help ? thank you
  4. plswnp

    My K7 exam

    I finished K7 exam. Failed. Following is my report Section 1 7x% Section 2 7x% Section 3 100% Section 4 4x% Section 5 50% For Section 4, I used blue print of anita who got 7x% on this section. I have no idea on getting low score on this section as well as section 1 and 2. I will go through this section later. Let’s start with section 5 first. 5.1 Implement Netflow Configure Netflow on R1 according to the following requirements Enable Netflow on R1 facing BB1 to monitor traffic in both way direction Export the flows to the server YY.YY.56.100 port 2222 In case the export to server fails then export data to backup server YY.YY.56.101 port 2222 Generate netflow sample one out-of-every 1000 packets Use R1 Loopback as source address for the exports /no this sentence Use Netflow version 9 with full reliability transfer Do not use policy-map My answer On R1 ip cef ip flow-export source Loopback0 ip flow-export version 9 ip flow-export destination YY.YY.56.100 2222 sctp backup destination YY.YY.56.101 2222 flow-sampler-map FLOW mode random one-out-of 1000 ip flow-export template options sampler interface fastethernet 0/1 flow-sampler FLOW flow-sampler FLOW egress I think I got point on this question 5.2 Implement SNMP Configure SNMP on R3 as per the following requirements Use location San Jose, USA Use contact [email protected] Use R3 loopback0 interface for SNMP trap as source A SNMPv3 group “admin” has a user with a view privilege “adminview” and must view only ISO mib. A SNMPv3 group “admin” has a user with a view privilege “adminwrite” and must write only system mib. Ensure that group admin should be set with strongest security mechanism. A user “ccie” should be from group “admin” and use md5 password of “cisco” (case sensitive) Ensure that admin group only allow users access from YY.YY.17.0/24 Use a SNMP v2c instance for nms with read-only access in YY.YY.67.0/24 to accomplish this task. My ans access-list 17 permit 8.8.17.0 0.0.0.255 access-list 67 permit 8.8.67.0 0.0.0.255 snmp-server community nms ro 67 snmp-server group admin v3 priv read adminview write adminwrite access 17 snmp-server user ccie admin v3 auth md5 cisco snmp-server view adminview iso included snmp-server view adminwrite system included snmp-server trap-source Loopback0 snmp-server location San Jose, USA snmp-server contact [email protected]
  5. Hi there! My first post since I joined this forum and I hope I am posting on the right section. I am having problems trying to understand how the AAA Authorization works with RADIUS and TACACS. (I am CCNA certified and now studying for the CCNA Security one) When everything is local you manage authentication with local database (username ... privilege ... secret ...) and for authorization you have two options: privilege levels and parser views. How are exactly these two local authorization options transfered to the server? I have been reading a lot about it but still does not get it probably cause I do not know how things are configured on the server side. Some of my doubts. -With RADIUS authentication and authorization are done together then: what is authorized once I go authenticated? all? -With TACACS authentication and authorization are done separately but still you use the same username and password and you are only prompted once, then what is it exactly the difference with RADIUS? -Can you specified a privilege level and/or parser view on a RADIUS server? TACACS+? ----If yes, are the commands associated with these privilege levels/parser views defined on the server or the router? ----If no, how does the server handle the authorization? I am not sure how dumb are these questions, I just cant seem to get the whole authorization thing. I have been reading and I will keep googling for it but if in the meanwhile any of you can dumb it down it will be much appreciated. Cheers!
×
×
  • Create New...