这里使用直接使用用户接入路由器后基于路由器配置AAA认证
配置
[R1]int GigabitEthernet 0/0/0 #进入接口
[R1-GigabitEthernet0/0/0]ip address 192.168.10.2 255.255.255.0 #在接口里面配置IP地址
[R1-GigabitEthernet0/0/0]undo shutdown #开启接口 [R1]aaa #开启aaa认证
[R1-aaa]local-user dcc password cipher 123456 privilege level 15 #创建用户, level是优先级为15
[R1-aaa]local-user dcc service-type telnet #设置用户的服务类型为Telnet
[R1]user-interface vty 0 4 #允许五个用户登录 [R1-ui-vty0-4]authentication-mode aaa #设置密码为aaa
测试
<R1>telnet 192.168.10.2
Press CTRL_] to quit telnet mode
Trying 192.168.10.2 ...
Connected to 192.168.10.2 ...
Login authentication
Username:hwx
password:
<R1>sys
Enter system view, return user view with Ctrl+Z.