! define ISE server
tacacs server ISE
address ipv4 x.x.x.x
key *******
!if you don't define an AAA server group for ISE, the
default tacacs AAA group called tacacs+
!ISE defined above will be added to group tacacs+
automatically
!use default keyword in AAA commands, refer default
tacacs group tacacs+
aaa new-model
aaa authentication login default group tacacs+ local
aaa authentication login NOAUTH none
aaa authorization exec default group tacacs+ local if-authenticated
aaa authorization commands 1 default group tacacs+ local if-authenticated
aaa authorization commands 15 default group tacacs+ local if-authenticated
aaa authorization config-commands
aaa accounting exec default start-stop group tacacs+
aaa accounting commands 1 default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+
!!When use default key word in above AAA commands, you
don't need specify AAA in line VTY configuration
line con 0
login authentication NOAUTH
line vty 0 4
logging synchronous
!
Comments
Post a Comment