Telekommunikatsiya texnologiyalari va kasb ta’limi fakulteti
Download 0.6 Mb.
|
10-lab
|
Bajarish bo‘yicha ko‘rsatmalar
AAA-serverni sozlash uchun sichqonchaning chapki tugmasini serverning modeli bo‘yicha bosish, konfiguratsiyalash oynasini ochish, «Config» qismiga o‘tish (10.3-rasm, 1-marker) va «AAA» tugmasini bosish (10.3-rasm, 2-marker). User Name (10.3-rasm, 7-marker) – tarmoq elementiga ulanish uchun foydalanuvchining nomi (logini); Password (10.3-rasm, 8-marker) – tarmoq elementiga ulanish uchun parol; yuqorida sanab o‘tilgan parametrlar qiymatlari ko‘rsatilganidan keyin AAA-serverga mos yozuvlarni qo‘shish uchun «+» tugmasini bosish (10.3-rasm, 6-va 9-markerlar) kerak bo‘ladi. 10.3 - rasm. AAA-serverni konfiguratsiya oynasi Marshrutizatorlarning interfeyslari aktivlashtirilganidan keyin marshrutizatordagi AAA-mijozni sozlash kerak bo‘ladi. Buning uchun quyida keltirilgan komandalar ketma-ketligini bajarish kerak. kodi Router> Router> Router> Router>en Router>enable Router#conf t Enter configuration commands, one per line. End with CNTL/Z. Router(config)# Router(config)# Router(config)#int Router(config)#interface g0/0 Router(config-if)#no sh Router(config-if)#no shutdown Router(config-if)# %LINK-5-CHANGED: Interface GigabitEthernet0/0, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0, changed state to up Router(config-if)# Router(config-if)#no shutdown Router(config-if)# Router(config-if)#ip Router(config-if)#ip add Router(config-if)#ip address % Incomplete command. Router(config-if)#ip address 1.0.0.1 255.0.0.0 Router(config-if)# Router(config-if)# Router(config-if)#ex Router(config-if)#exit Router(config)#aaaaa new Router(config)#aaa new- Router(config)#aaa new-model Router(config)#aaa % Incomplete command. Router(config)#aaa ? accounting Accounting configurations parameters. authentication Authentication configurations parameters. authorization Authorization configurations parameters. new-model Enable NEW access control commands and functions.(Disables OLD commands.) Router(config)#aaa auth Router(config)#aaa authen Router(config)#aaa authentication ? enable Set authentication lists for enable. login Set authentication lists for logins. ppp Set authentication lists for ppp. Router(config)#aaa authentication ena Router(config)#aaa authentication enable ? default The default authentication list. Router(config)#aaa authentication enable defa Router(config)#aaa authentication enable default ? enable Use enable password for authentication. group Use Server-group. none NO authentication. Router(config)#aaa authentication enable default gro Router(config)#aaa authentication enable default group ? radius Use list of all Radius hosts. tacacs+ Use list of all Tacacs+ hosts. Router(config)#aaa authentication enable default group ra Router(config)#aaa authentication enable default group radius Router(config)#aaa % Incomplete command. Router(config)#aaa authe Router(config)#aaa authentication ? enable Set authentication lists for enable. login Set authentication lists for logins. ppp Set authentication lists for ppp. Router(config)#aaa authentication login % Incomplete command. Router(config)#aaa authentication login defa Router(config)#aaa authentication login default gr Router(config)#aaa authentication login default group radius Router(config)# Router(config)# Router(config)# Router(config)#aaa authe Router(config)#aaa authentication ? enable Set authentication lists for enable. login Set authentication lists for logins. ppp Set authentication lists for ppp. Router(config)#aaa author Router(config)#aaa authorization % Incomplete command. Router(config)#aaa authorization ? exec For starting an exec (shell). network For network services. (PPP, SLIP, ARAP) Router(config)#aaa authorization ex Router(config)#aaa authorization exec ? WORD Named authorization list. default The default authorization list. Router(config)#aaa authorization exec de Router(config)#aaa authorization exec default ? group Use Server-group. if-authenticated Succeed if user has authenticated. local Use local database none No authorization (always succeeds). Router(config)#aaa authorization exec default group? group Router(config)#aaa authorization exec default group rad Router(config)aaa authentication login default group radiusaaa authentication login default group radius Router(config)# Router(config)# Router(config)#ra Router(config)#radius-server ? host Specify a Radius server key Set Radius encryption key. Router(config)#radius-server hos Router(config)#radius-server host ? A.B.C.D IP address of Radius server Router(config)#radius-server host 1.1.1.1? A.B.C.D Router(config)#radius-server host 1.1.1.1 ? auth-port UDP port for RADIUS authentication server (default is 1645) key per-server encryption key (overrides default) Router(config)#radius-server host 1.1.1.1 key Router(config)#radius-server host 1.1.1.1 key % Incomplete command. Router(config)#radius-server host 1.1.1.1 key nuriddin ? Router(config)#radius-server host 1.1.1.1 key 20002703 ? Router(config)#radius-server host 1.1.1.1 key 20002703 ? Router(config)#radius-server host 1.1.1.1 key 20002703 Router(config)# Router(config)# Router(config)#hos Router(config)#hostname Nuriddin Xulosa Men ushgu labaratoriya ishida serverga kirish va xavfsizlgini ta’minlash va parol orqali kirish serverga ulangan swichlarni boshqarishni o’rgandim Download 0.6 Mb. Do'stlaringiz bilan baham: 
|