Custom Search
|
|
Cisco Ccna (640-553) Security Training: Using The Aaa Authorization Reverse-access Command
So on that note let’s begin, CCNA’s (like you) use the “aaa authorization reverse-access” command to tell (configure) a network access server (NAS) router to request authorization information from either a TACACS+ or RADIUS security server before allowing a user to establish a reverse Telnet session. In other words, an internal network administrator may sometimes need to perform a reverse Telnet session, so in order to gain control of a modem that is connected to a network access server (NAS) router; so he or she can make a call. If the network access server (NAS) router is configured with the “aaa authorization reverse-access” command, the router will check with either a TACACS+ or RADIUS security server first, to see if it’s o.k. for the network administrator to establish a reverse Telnet session to gain control of the modem to make the call. Note: If a network access server (NAS) router is not configured with the command, it will automatically authorize all reverse Telnet sessions by default. Below is the command’s syntax: aaa authorization reverse-access {group radius | group tacacs+} As you can see, the command is fairly simple to use; and it only has two keywords “group radius” or “group tacacs+”. group radius – This keyword is used to specify that the network access server router will request authorization from a RADIUS security server before allowing a user to establish a reverse Telnet session. group tacacs+ -- This keyword is used to specify that the network access server router will request authorization from a TACACS+ security server before allowing a user to establish a reverse Telnet session. And, like with mostly all Cisco IOS commands; you can use the word “no” in front of the command to remove (disable) the configured command; like you see below: Router(config)#no aaa authorization reverse-access {group radius | group tacacs+} By the way, if you decide to use the command, make sure your router(s) is running Cisco IOS 12.0(5)T or higher. I hope this article was very informative and helped you quickly understand the usage of the aaa authorization reverse-access command. If you need to learn more; I suggest you visit my website, were you’ll find the latest information regarding the Cisco CCNA (640-553) Security exam techniques. To your success, Article Directory: http://www.articledashboard.com Charles Ross, CCNP #CSCO10444244 is the owner of Ittechtips.com; where you'll find free comprehensive information and videos on how to pass the CCNA (640-553) security exam. Sign-Up for "100 Free Videos" and, also learn more about the new "Cisco CCNA (640-553) Video Accelerated Training Course" at his website. www.ccnaittechtips.com |
|