Custom Search

Cisco Ccna (640-553) Security Training: Using The Aaa Cache Profile Command

In today’s article, I’m going to quickly inform you about the Cisco IOS global configuration mode command named “aaa cache profile”.

Network administrators (like you) use the “aaa cache profile” command to create a “named” authentication and authorization cache profile group; and once the command is typed, it places the router into profile map configuration mode. Router(config-profile-map)#

Another way of explaining it is CCNA’s use the command to define or modify an authentication or authorization cache group.

Below is the command’s syntax:

aaa cache profile group-name

As you can see, the command is really easy to implement, the group-name argument is used to specify an authentication and authorization group; but, keep in mind duplicate group names can’t be used.

After you’ve configured the router with the command and the router has been placed into profile map configuration mode (config-profile-map) you can use the following commands to specify cache profile parameters.

profile—This command specifies an exact profile match to cache. The profile name must be an exact match to the username being queried by the service authentication or authorization request. This is the recommended format to enter profiles that users want to cache.

regexp—This command allows entries to match based on regular expressions. Matching on regular expressions is not recommended for most situations.

The any keyword, which is available under the regexp submenu, allows for any unique instance of an AAA Server Response that matches the regular expression to be saved in the cache. The only keyword allows for only one instance of an AAA Server Response that matches the regular expression to be saved in the cache.

all—This command specifies that all authentication and authorization requests are cached. Using the all command makes sense for certain service authorization requests, but it should be avoided when dealing with authentication requests.

And, just like mostly all Cisco IOS commands; you can use the word “no” in front of the command to remove (disable) the configured command; like you see below:

Router(config)#no aaa cache profile ittechtips

By the way, if you decide to use the command, make sure your router(s) is running Cisco IOS 12.2(28)SB or higher.

I hope this article was very informative and helped you quickly understand the usage of the aaa cache profile command. If you need to learn more; I suggest you visit my website, were you’ll find the latest information regarding the Cisco CCNA (640-553) Security exam techniques.

To your success,

By: Charles E Ross

Article Directory: http://www.articledashboard.com

Charles Ross, CCNP #CSCO10444244 is the owner of Ittechtips.com; where you'll find free comprehensive information and videos on how to pass the CCNA (640-553) security exam. Sign-Up for "100 Free Videos" and, also learn more about the new "Cisco CCNA (640-553) Video Accelerated Training Course" at his website. www.ccnaittechtips.com

Misc
Print This Article
Add To Favorites
Email to Friends
Ezine Ready
Join Our Community
Sign Up for an account or learn more.
Sponsored Links
Article Dashboard Authors
Submit Articles
Member Login
Submission Guidelines
Article RSS Feeds
Site Information
About Us
Link to Us
Contact Us
Privacy Policy
Terms of Service
Favicon Generator

© 2005-2011 Article Dashboard