AAA Configuration and Security Protocols (2025
Updated) – TACACS+, RADIUS, and Cisco AAA
Commands Explained | Complete CCNP Study
Reference
TCP 49 ✔✔TACACS+ port
UDP 1812 & 1813 ✔✔RADIUS port(s)
#aaa new-model ✔✔Global command to enable aaa
#tacacs-server host x.x.x.x key "CCNP" ✔✔Command to set tacacs+ server info
#radius-server host x.x.x.x key "CCNP" ✔✔Command to set a radius server info
#aaa authentication login default group tacacs+ local none ✔✔Example command to set
"default" login method for authentication to tacacs, then local and then none
#login authentication default ✔✔Command to set login authentication to use the "default"
method
#aaa authorization exec default group tacacs+ local ✔✔Example command to set exec
authorization default method to use tacacs+ and then local
Updated) – TACACS+, RADIUS, and Cisco AAA
Commands Explained | Complete CCNP Study
Reference
TCP 49 ✔✔TACACS+ port
UDP 1812 & 1813 ✔✔RADIUS port(s)
#aaa new-model ✔✔Global command to enable aaa
#tacacs-server host x.x.x.x key "CCNP" ✔✔Command to set tacacs+ server info
#radius-server host x.x.x.x key "CCNP" ✔✔Command to set a radius server info
#aaa authentication login default group tacacs+ local none ✔✔Example command to set
"default" login method for authentication to tacacs, then local and then none
#login authentication default ✔✔Command to set login authentication to use the "default"
method
#aaa authorization exec default group tacacs+ local ✔✔Example command to set exec
authorization default method to use tacacs+ and then local
