Hi, Regarding lab 13 question 4, which uses the AAA Attribute lists, it seems that only attributes that do not depend on service or protocol are working for tty connections and local authorization. This comes down to the same things you can configure using the username command.

*Mar 1 06:27:56.975: AAA/BIND(00000014): Bind i/f
*Mar 1 06:27:56.975: AAA/AUTHEN/LOGIN (00000014): Pick method list 'default'
*Mar 1 06:27:56.979: AAA SRV(00000014): process authen req
*Mar 1 06:27:56.979: AAA SRV(00000014): Authen method=LOCAL
*Mar 1 06:27:56.983: AAA SRV(00000014): protocol reply GET_USER for Authentication
*Mar 1 06:27:56.983: AAA SRV(00000014): Return Authentication status=GET_USER
*Mar 1 06:27:58.699: AAA SRV(00000014): process authen req
*Mar 1 06:27:58.699: AAA SRV(00000014): Authen method=LOCAL
*Mar 1 06:27:58.703: AAA SRV(00000014): protocol reply GET_PASSWORD for Authentication
*Mar 1 06:27:58.703: AAA SRV(00000014): Return Authentication status=GET_PASSWORD
*Mar 1 06:28:00.895: AAA SRV(00000014): process authen req
*Mar 1 06:28:00.895: AAA SRV(00000014): Authen method=LOCAL
*Mar 1 06:28:00.895: AAA SRV(00000014): protocol reply PASS for Authentication
*Mar 1 06:28:00.899: AAA SRV(00000014): Return Authentication status=PASS
*Mar 1 06:28:00.899: AAA/AUTHOR (0x14): Pick method list 'default'
*Mar 1 06:28:00.899: AAA SRV(00000014): process author req
*Mar 1 06:28:00.899: AAA SRV(00000014): Author method=LOCAL
*Mar 1 06:28:00.903: AAA SRV(00000014): protocol reply PASS for Authorization
*Mar 1 06:28:00.903: AAA SRV(00000014): Return Authorization status=PASS
*Mar 1 06:28:00.903: AAA/AUTHOR/EXEC(00000014): processing AV cmd=
*Mar 1 06:28:00.903: AAA/AUTHOR/EXEC(00000014): processing AV priv-lvl=1
! The attribute pairs below come from the attributes list. "sipro" is an alias.
*Mar 1 06:28:00.903: AAA/AUTHOR/EXEC(00000014): processing AV acl=2
*Mar 1 06:28:00.903: AAA/AUTHOR/EXEC(00000014): processing AV priv-lvl=15
*Mar 1 06:28:00.907: AAA/AUTHOR/EXEC(00000014): processing AV autocmd=sipro
*Mar 1 06:28:00.907: AAA/AUTHOR/EXEC(00000014): Authorization successful

The user+ip control for tty connections asked in this question does not seem to work. Can anyone confirm that this is the case? The machine runs 12.4 code.

Kind regards,
Kim
