Custom Search
|
|
Cisco Ccna (640-553) Security Training: Using The Aaa User Profile And Aaa Attribute Commands
In today’s article, I’m going to inform you about the Cisco IOS global configuration mode command named “aaa user profile” and the AAA-user configuration mode command named “aaa attribute”. Network administrators (like you) use the “aaa user profile” command to create an AAA (Authentication, Authorization, and Accounting) named user profile. Below are the syntax and an example of the command: Syntax: aaa user profile profile-name Example: Router(config)#aaa user profile cross As you can see, the command is really easy to implement, it’s performed while the router is in “Global” configuration mode, and in the above example; the router’s aaa user profile is named “cross”. It’s very important to remember that the name of an Authentication, Authorization, and Accounting (aaa) user profile should not exceed 63 characters in length because, all other additional characters will just be truncated. To remove an Authentication, Authorization, and Accounting user profile after you’ve created it, just use the word “no” in front of the “aaa user profile” command like you see in the example below: Example: Router(config)#no aaa user profile cross Well, that pretty much sums up the “aaa user profile” Global configuration mode command; so, let’s move on to the to the “aaa attribute” AAA-user configuration mode command. The first thing that I must inform you about the “aaa attribute” command is that it’s used in conjunction with the “aaa user profile” command. In other words, network administrators normally use both commands at the same time. Network administrators (like you) use the “aaa attribute” command, when the router is in AAA-user configuration mode, to add Calling Line Identification (CLID) and Dialed Number Identification Service (DNIS) attribute values to a aaa user profile. Below are the syntax and an example of the command: Syntax: aaa attribute {clid | dnis} attribute-value Example: Router#configure terminal Router(config)#aaa user profile cross Router(config-aaa-user)#aaa attribute clid clidvalue Router(config-aaa-user)#aaa attribute dnis dnisvalue Router(config-aaa-user)#end Router#copy run start In the example above, notice the “aaa attribute” command is being performed in AAA-user configuration mode. And, the Calling Line Identification attribute value for the user profile named cross is “clidvalue” and the Dialed Number Identification Service attribute value for the user profile named cross is “dnisvalue”. If you need to undo an attribute value (clid/dnis), just type the word “no” in front of the command like you see below: Router(config-aaa-user)#no aaa attribute clid clidvalue Remember, in order for you to use either one of the commands, your router(s) must be running Cisco IOS 12.4(4)T or higher. I hope this article was very informative and helped you quickly understand the usage of the aaa user profile and aaa attribute commands. If you want to learn more; I suggest you visit my website, were you’ll find the latest information regarding the Cisco CCNA (640-553) Security exam techniques. To your success, Article Directory: http://www.articledashboard.com Charles Ross, CCNP #CSCO10444244 is the owner of Ittechtips.com; where you'll find free comprehensive information and videos on how to pass the CCNA (640-553) security exam. Sign-Up for "100 Free Videos" and, also learn more about the new "Cisco CCNA (640-553) Video Accelerated Training Course" at his website. www.ccnaittechtips.com |
|