Network Kings

Networking Basics – What You Need to Know about Networking

Networking is an important aspect of any IT organization. This is often overlooked as a skillset. Networking holds a huge potential as a career option. We will discover everything about networking basics in here. This article contains the following about Networking: What is a Network Infrastructure? What are these networks used for? What are these networks made … Read more

Everything You Need to Know Before Enrolling for CCNA Certification


What is CCNA? CCNA is an IT field certification by Cisco, which will give you the basic fundamental knowledge of how basically the whole network infrastructure works throughout the world. CCNA stands for Cisco certified Network Associate. By doing CCNA you will be able to learn and implement how the IPv4 and IPv6 works. You will … Read more

Cisco Pipe Commands

Cisco Pipe Commands These commands work on Cisco routers as well on other vendors too, Tellabs Core Routers Also Support. These commands won’t work on old Ios, Try your luck friends. The following command will display the contents of the running-config, beginning with the first line containing the text ethernet: Router# show running?| begin ethernet … Read more

AAA Lab in Packet Tracer

AAA Lab in Packet Tracer

Lab Objective : any one try to Telnet the router must be authenticated through AAA server First and in case AAA server is down , routers will use his local user accounts database.

Configuration on the router:

=setting telnet=

Router (config) #enable secret 1111

Router (config) #line vty 0 4

Router (config-line) #login authentication default ?( to apply an on Telnet lines )?

Router (config-line) #login

Router (config-line) #exit

Router (config) #username JKR password 3333

=AAA commands=

Enable AAA on the router :

Router (config) #aaa new-model

Set authentication for login using two methods , method 1 uses AAA server through Tacacs+ protocol , method 2 using local router user accounts:

Router (config) #aaa authentication login default group tacacs+ local

Tell the router what is the IP address for Tacas+ server and key (password) to connect to:

Router (config) #tacacs-server host key 8888

Configuration on AAA server


User account :

Username : JKR

Password: 4444

tacas+ client :

Key : 8888

Now here is few show commands we can use plus one command to unlock any user account reach max failed attempts to logon:

Router#show AAA user all

Router#show AAA sessions

Router#show a local user lockout

Router#clear a local user lockout username all

In best practice try to Telnet the router with local username Yasser password 3333 and it will not work then try to use? the ACS server user name we wrote above : audio password 4444 and it will work fine .

Now disconnect the ACS server or just remove the cable and try to Telnet the router using Yasser and it will work fine .

Remember method 1 fail , you will not go to method 2

But if method 1 is not available then you can go to method 2 and use it.