Details
Specifies the AAA server-group and each individual server using the TACACS+ or RADIUS protocol
Rationale:
An authentication, authorization and accounting (AAA) scheme provides an authoritative source for managing and monitoring access to devices. Many protocols are supported for communication between the systems and the AAA servers: http-form, kerberos, ldap, nt, radius, sdi, tacacs+.
Solution
* Step 1: Acquire the enterprise standard protocol (protocol_name) for authentication (TACACS+ or RADIUS)
* Step 2: Run the following to configure the AAA server-group for the required protocol:
hostname(config)#aaa-server _
* Step 3: Run the following to configure the AAA server:
hostname(config)#aaa-server _
_server-group_name:_ the server-group configured above
_interface_name:_ the network interface from which the AAA server will be accessed
_aaa-server_ip:_ the IP address of the AAA server
_shared_key:_ the TACACS+ or RADIUS shared key
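To verify the result of Steps 2 and 3 on a saved configuration, the following added example (not part of the benchmark text) checks that at least one server-group uses TACACS+ or RADIUS, that each such group has a server, and that each server has a shared key. It assumes running-config lines of the form `aaa-server <group> protocol <protocol>` and `aaa-server <group> (<interface>) host <ip>`, with the key either on the host line or as an indented `key` sub-command; `audit_aaa` and the sample group names are hypothetical.

```python
import re

APPROVED = {"tacacs+", "radius"}  # protocols the control accepts
GROUP_RE = re.compile(r"^aaa-server\s+(\S+)\s+protocol\s+(\S+)\s*$")
HOST_RE = re.compile(r"^aaa-server\s+(\S+)\s+\((\S+)\)\s+host\s+(\S+)(?:\s+(\S+))?")
KEY_RE = re.compile(r"^\s+key\s+\S+")

# Constructed sample in running-config style (documentation IP addresses).
SAMPLE = """\
aaa-server CORP-TACACS protocol tacacs+
aaa-server CORP-TACACS (inside) host 192.0.2.10
 key *****
aaa-server CORP-RADIUS protocol radius
aaa-server CORP-RADIUS (mgmt) host 192.0.2.20
 timeout 5
aaa-server EMPTY-GRP protocol radius
aaa-server LDAP-GRP protocol ldap
aaa-server LDAP-GRP (inside) host 192.0.2.30
"""


def audit_aaa(config_text):
    """Return findings for the aaa-server lines of an ASA-style config."""
    groups, current, findings = {}, None, []
    for line in config_text.splitlines():
        if m := GROUP_RE.match(line):
            groups[m.group(1)] = {"protocol": m.group(2).lower(), "hosts": []}
            current = None
        elif m := HOST_RE.match(line):
            name, iface, ip, inline_key = m.groups()
            current = {"ip": ip, "interface": iface, "has_key": inline_key is not None}
            if name in groups:
                groups[name]["hosts"].append(current)
            else:
                findings.append(f"server {ip} references undefined server-group {name}")
        elif current is not None and KEY_RE.match(line):
            current["has_key"] = True   # key given as an indented sub-command
        elif not line.startswith(" "):
            current = None              # left the host sub-mode
    approved = {n: g for n, g in groups.items() if g["protocol"] in APPROVED}
    if not approved:
        findings.append("no aaa-server group uses TACACS+ or RADIUS")
    for name, g in approved.items():
        if not g["hosts"]:
            findings.append(f"server-group {name} has no server configured")
        findings += [f"server {h['ip']} in {name} has no shared key"
                     for h in g["hosts"] if not h["has_key"]]
    return findings
```

An empty list from `audit_aaa` means the configuration text satisfies the three checks; groups using other protocols, such as the LDAP group in the sample, are ignored rather than flagged.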
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Identification and Authentication. This control applies to the following type of system: Cisco.