Professional Documents
Culture Documents
Soal-05 Instruction Lab Packet Tracer - Authentication, Authorization, and Accounting-TACACS+ and RADIUS Server
Soal-05 Instruction Lab Packet Tracer - Authentication, Authorization, and Accounting-TACACS+ and RADIUS Server
Soal-05 Instruction Lab Packet Tracer - Authentication, Authorization, and Accounting-TACACS+ and RADIUS Server
ADDRESSING TABLE
Addressing Table
Client Name = R1
Client IP = 10.0.1.1/29
Secret = ublk3y
Type = TACACS
Client Name = R2
Client IP = 10.0.1.2/29
Secret = ublr4d1u5
Type = RADIUS
Client Name = S1
Client IP = 10.1.2.91/29
Secret = ublk3ys1
Type = TACACS
Client Name = S2
Client IP = 10.2.5.95/29
Secret = ubls4d1u5
Type = RADIUS
5) Add user:
Add username and password to access R1 (via server TACACS+ ) and R2
(via RADIUS)
6) Add user:
Add username and password to access S1 (via server TACACS+ ) and S2 (via
RADIUS)
R1:
a) Configure AAA authentication (for login and enable) using TACACS with server
10.2.8.248
b) Use local authentication as a backup with username "ublr1" and password
"ublr1!@#".
c) Test that you can login using your own name
Username Password
1 ubltacacsa ubltacacsa
2 ubltacacsb ubltacacsb
3 ubltacacsc ubltacacsc
R2:
a) Configure AAA authentication (for login and enable) using RADIUS with server
10.2.8.254.
b) Use local authentication as a backup with username "ublr2" and password "ublr2!@#"
c) Test that you can login using your own name
S1:
a) Configure AAA authentication (for login and enable) using TACACS with server
10.2.8.254.
b) Use local authentication as a backup with username "ubls1" and password
"ubls1!@#"
c) Test that you can login using your own name
S2:
a) Configure AAA authentication (for login and enable) using RADIUS with server
10.2.9.249
b) Use local authentication as a backup with username "ubls1" and password
"ubls1!@#"
c) Test that you can login using your own name
Verification:
1. You should be able to login to all network devices using your own name.
2. Create another user on the server and verify that the new user can also login
3. Verify that the local backup user cannot login while the server is reachable
4. Disable the port on the switch to the server.
5. Verify that you can login using the local backup account.
Simulation:
1. Verify that when you login as your own user, that TACACS and RADIUS messages
are sent between the router and the server