background image
Foundation Summary 387
Foundation Summary
The Foundation Summary is a collection of information that provides a convenient review of
many key concepts in this chapter. For those of you already comfortable with the topics in this
chapter, this summary could help you recall a few details. For those of you who just read this
chapter, this review should help solidify some key facts. For any of you doing your final
preparation before the exam, these tables and figures will hopefully be a convenient way to
review the day before the exam.
The general syntax for AAA authentication is as follows:
aaa authentication [login
| enable | arap | ppp | nasi] method
Each of the arguments for the aaa authentication command specifies how the user is
accessing the router. Is it locally through a physical port (login) or is it through a dial facility
encapsulated for Novell, Apple, or PPP (NASI, ARAP, or PPP)?
The list that follows documents each valid command argument and the question that is being
answered by that argument:
·
aaa authentication login--How do I authenticate the login dialog?
·
aaa authentication enable--Can the user get to the privileged command prompt?
·
aaa authentication arap--This command answers this question: Does the AppleTalk
Remote Access Protocol (ARAP) user use RADIUS or TACACS+? (One must be
selected.)
·
aaa authentication ppp--What method should be used if a user is coming over a PPP
connection?
·
aaa authentication nasi--What method should be used if a user is coming over NASI?
The general syntax for the aaa authorization command is as follows:
aaa authorization do-what? check-how?
The do-what? arguments can be any of the following:
·
network
·
exec
·
command level
·
reverse-access
The check-how? arguments can be any of the following:
·
if-authenticated
·
tacacs+