|
You can configure the access server to restrict the user to perform only certain functions after successful authentication. Use the
aaa authorization
command in global configuration mode to select the function authorized and the method of authorization, as follows
:
Router(config)#aaa authorization
{network | exec | commands level | config-commands |
reverse-access}
{default | listname}
{if-authenticated | local | none | radius |
tacacs+ | krb5-instance}
 |
 |
Lab
Activity |
| |
The
Denver
office needs to authorize a backup user to issue
a few privilege level commands. In this
lab, you will setup AAA Authorization on this
router and test each user account. |
|
|
|
Character Mode Authorization Example
Example
shows an example of a character mode authorization. Character mode authorization commands are as described in Table
.
Packet Mode Authentication and Authorization Example
Example
shows an example of packet mode authentication and authorization with AAA. Table
contains descriptions of the commands used in the preceding configuration.
|