|
Understanding router
access modes is the key to understanding the AAA commands and how
they work to secure your NAS.
With the exception of
the
aaa accounting system
command, all the AAA commands apply
to either character mode or packet mode. The Table can help you
decode the meaning of an AAA command by associating the AAA command
element with the connection mode to the router.
Primary applications for
the Cisco Secure ACS include securing dialup access to a network and
securing the management of routers within a network. Both
applications have unique AAA requirements. With the Cisco Secure ACS,
system administrators can select a variety of authentication methods
to provide a set of authorization privileges. These router ports
need to be secured by using the Cisco IOS software and a Cisco
Secure server.
The AppleTalk Remote
Access Protocol (ARAP) is an exception. ARAP behaves as both a
character-mode and packet-mode connection. For example, ARAP
authentication takes place in character mode, whereas ARAP access
lists apply to packet mode.
|