
AAA (Authentication, Authorization and Accounting) Server


Last updated 4 years ago

In an enterprise network with hundreds of thousands of switches, it is not possible to configure or change the passwords regularly on each and every device manually/locally.

  • AAA servers centralize the authentication of the users of a network (they hold the usernames/passwords of all the devices of that network).

  • It authenticates the password before a user can access the Network.

  • AAA servers like Cisco ACS (Access Control Server) use 802.1x protocols like RADIUS (Remote Authentication Dial-In User Service) / TACACS+ (Terminal Access Controller Access-Control System Plus) for authentication (see AAA 802.1x Protocols (Radius & TACACS+)).

  • An AAA server may use a local database or AD for storing those usernames and passwords.

    Flow:

  • The PC (also running 802.1x-compliant software) submits the username and password and tries to log in to the switch/router (the authenticator) using Telnet/SSH.

  • The switch then forwards that frame (without reading it) to the AAA servers using 802.1x protocols like RADIUS / TACACS+ for authentication/approval of that username and password.

  • If the credentials match, the AAA server replies in the affirmative to the switch (authenticator), which then permits the client onto the network.
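
The flow above as an added Python example (not from the original page or its references): the switch relays a login to the AAA server in a RADIUS Access-Request, the server checks it against its user store and answers Accept or Reject, and the switch admits the user only when the reply is signed with the shared secret. It assumes RADIUS with the User-Password attribute as defined in RFC 2865; the shared secret, user database and function names are constructed for illustration, and the two sides call each other directly instead of exchanging UDP packets.

```python
import hashlib, hmac, os, struct

SECRET = b"constructed-shared-secret"       # assumed secret shared by switch and AAA server
USER_DB = {"netadmin": b"Example-Pass-01"}  # constructed stand-in for the local DB / AD
ACCESS_REQUEST, ACCESS_ACCEPT, ACCESS_REJECT = 1, 2, 3  # RADIUS codes (RFC 2865)

def hide(data: bytes, req_auth: bytes, decode: bool = False) -> bytes:
    """User-Password hiding (RFC 2865 5.2): XOR 16-byte blocks with MD5(secret + prev)."""
    if not decode:
        data += b"\x00" * ((-len(data) % 16) or (0 if data else 16))
    out, prev = b"", req_auth
    for i in range(0, len(data), 16):
        key = hashlib.md5(SECRET + prev).digest()
        block = bytes(a ^ b for a, b in zip(data[i:i + 16], key))
        out += block
        prev = data[i:i + 16] if decode else block  # chain on the ciphertext block
    return out.rstrip(b"\x00") if decode else out

def build_access_request(ident: int, user: str, password: str) -> bytes:
    """Switch (authenticator) side: wrap the login in an Access-Request."""
    req_auth, attrs = os.urandom(16), b""
    for atype, value in ((1, user.encode()), (2, hide(password.encode(), req_auth))):
        attrs += struct.pack("!BB", atype, len(value) + 2) + value
    return struct.pack("!BBH", ACCESS_REQUEST, ident, 20 + len(attrs)) + req_auth + attrs

def aaa_server(packet: bytes) -> bytes:
    """AAA server side: check the credentials and answer Accept or Reject."""
    code, ident, length = struct.unpack("!BBH", packet[:4])
    req_auth, attrs, pos = packet[4:20], {}, 20
    while pos + 2 <= min(length, len(packet)) and packet[pos + 1] >= 2:
        attrs[packet[pos]] = packet[pos + 2:pos + packet[pos + 1]]
        pos += packet[pos + 1]
    user = attrs.get(1, b"").decode(errors="replace")
    password = hide(attrs.get(2, b""), req_auth, decode=True)
    ok = (code == ACCESS_REQUEST and user in USER_DB
          and hmac.compare_digest(USER_DB[user], password))
    header = struct.pack("!BBH", ACCESS_ACCEPT if ok else ACCESS_REJECT, ident, 20)
    # Response Authenticator = MD5(code + id + length + request authenticator + secret)
    return header + hashlib.md5(header + req_auth + SECRET).digest()

def switch_login(user: str, password: str, server=aaa_server, ident: int = 1) -> bool:
    """Switch forwards the login, then permits access only on a verified Access-Accept."""
    request = build_access_request(ident, user, password)
    reply = server(request)
    expected = hashlib.md5(reply[:4] + request[4:20] + reply[20:] + SECRET).digest()
    if reply[1] != ident or not hmac.compare_digest(expected, reply[4:20]):
        return False  # reply not signed with the shared secret: fail closed
    return reply[0] == ACCESS_ACCEPT

if __name__ == "__main__":
    print(switch_login("netadmin", "Example-Pass-01"))  # correct credentials
    print(switch_login("netadmin", "wrong"))            # wrong password
```

The password is only obscured with MD5 and the shared secret, so the strength of that secret and the isolation of the management network matter on the switch-to-server leg.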

Reference:

  • CCNA 200-301 OCG, Volume 1, Pg. 136 - Wendell Odom.

  • Secure the CLI: https://courses.davidbombal.com/courses/267624/lectures/4159176