Last updated 4 years ago
Find the Root Bridge
最小:priority ( 可手動設定,預設值為32768 + Vlan ID) + MAC address
32768 + Vlan ID
Find the Root Port
Find the Designated Port ( D Port )
do sh spanning-tree
ip 192.168.1.1 255.255.255.0
ping 192.168.1.2
ip 192.168.1.2 255.255.255.0
ping 192.168.1.1
int range e0/0 - 1
channel-group 1 mode on
do sh etherchannel summary
shut
no shut
wget ftp://ftp.shrubbery.net/pub/tac_plus/tacacs-F4.0.4.28.tar.gz
tar zxvf tacacs-F4.0.4.28.tar.gz
cd tacacs-F4.0.4.28
./configure
apt install bison
apt install bison --fix-missing
apt install libwrap0-dev
make install
gedit /etc/ld.so.conf
include /etc/ld.so.conf.d/*.conf /usr/lib
ip addr add 192.168.1.2/24 brd + dev eth0
新增 user
useradd anida
passwd anida
安裝 tac plus
./tac_pwd
gedit tac_plus.conf
key = ccie accounting file = /var/log/tac.acct user = user { member = user5 login = des aerYSwBGbhIlo } group = user5 { service = exec { priv-lvl = 5 } }
執行 tacacs+ server
./tac_plus -C ./tac_plus.conf -G
int e0/0
ip add 23.1.1.2 255.255.255.0
exit
啟動 AAA New-Model
aaa new-model
設定 TACACS+ 資料
tacacs server TACACS-SERVER
add ipv4 192.168.1.2
key ccie
設定 Authentication
aaa authentication login List_Login group tacacs+ local
line console 0
login authentication List_Login
line vty 0 4
aaa authentication enable default group tacacs+ enable
設定 Authorization
aaa authorization exec List_Priv group tacacs+ local
authorization exec List_Priv
aaa authorization console
設定 Accounting
accounting exec List_Acc
accounting commands 5 List_Comm_5
accounting commands 10 List_Comm_10
accounting commands 15 List_Comm_15
do telnet 23.1.1.3
ip add 23.1.1.3 255.255.255.0
int e0/1
ip add 192.168.1.1 255.255.255.0
