Đang chuẩn bị liên kết để tải về tài liệu:
Cisco Secure ACS Switch Security for Controlled User Access

Your network consists of several network devices. You would like to configure access security to your devices by user where possible. You have a TACACS+ Cisco Secure Server for centralized authentication. Configure each device for secure access while also configuring local access as a fallback in case the ACS server is not available. The following information should be used. | Lab 10.2.4 Cisco Secure ACS Switch Security for Controlled User Access DLRouter t 10.1.1.254 24 Trunk 802.1q ALSwitch 2900XL Management PC 10.1.1.100 24 10.1.20.0 24 10.1.30.0 24 Marketing VLAN20 Accounting VLAN10 DLSwitch 4006 Engineering VLAN30 Objective Use Cisco Secure ACS security for controlled user access Scenario Your network consists of several network devices. You would like to configure access security to your devices by user where possible. You have a TACACS Cisco Secure Server for centralized authentication. Configure each device for secure access while also configuring local access as a fallback in case the ACS server is not available. The following information should be used. TACACS these must be created on the ACS server prior to this lab User smith Password cisco Enable password tacacs Key superman LOCAL User admin Password cisco Enable password enable Lab Tasks 1. Cable the lab as shown in the diagram. 2. The first device to be configured will be the Catalyst 2900XL. Log into the switch enter privileged mode clear the NVRAM and then restart. 3. Configure ALSwitch including all basic information and trunking information. a. Configure the hostname Switch config hostname ALSwitch b. Configure the switch trunking information on FastEthernet0 1 and PortFast on FastEthernet0 2 ALSwitch config interface FastEthernet0 1 ALSwitch config-if switchport trunk encapsulation dot1q ALSwitch config-if switchport mode trunk ALSwitch config interface FastEthernet0 2 ALSwitch config-if spanning-tree portfast c. Configure the IP address for the management VLAN. ALSwitch config interface VLAN1 ALSwitch config-if ip address 10.1.1.3 255.255.255.0 4. Configure ALSwitch security for local AAA authentication. a. Configure the security for local fallback authentication ALSwitch config aaa new-model ALSwitch config aaa authentication login default group tacacs local b. Configure the security for ACS authentication ALSwitch config aaa authentication enable default group .