Friday, January 26, 2018

Can someone do an ELI5 for Cisco AAA and crypto pki trustpoint?

I'm reviewing the config that we have in place for our VPN network (I'm a tech, I didn't create the config), and I came across these lines and am confused about what they actually do.

aaa new-model 

I know this is "Authentication, authorization, and accounting," but does this line just globally "turn on" aaa? So, aaa basically is just the Cisco standard for tracking, controlling, and allowing certain users to login/make changes?

aaa authentication login default local 

Does this allow anyone to login if you know the local username and password stored in the router database?

aaa authorization exec default local 

Same thing but allows anyone who logs in to change anything?

So, authentication determines who is allowed to login, and authorization determines what certain users can do?

aaa session-id common

Cisco says this is "To specify whether the same session ID will be used for each aaa"... what does that mean?

crypto pki trustpoint TP-self-signed-3860224465 

Something about defining an object to be a trustpoint? What exactly is a trustpoint?

 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-3860224465
 revocation-check none
 rsakeypair TP-self-signed-3860224465
crypto pki trustpoint TP-self-signed-1675739775
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-1675739775
 revocation-check none
 rsakeypair TP-self-signed-1675739775
crypto pki certificate chain TP-self-signed-3860224465
crypto pki certificate chain TP-self-signed-1675739775

No idea what these do.

Any help would be greatly appreciated!
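One way to make these lines concrete is to parse them the way IOS structures them. The following is an added example, not part of the original post: it groups each trustpoint's indented sub-commands under their parent line and reports what the AAA method lists and the self-signed trustpoints imply. The sample config is constructed from the lines quoted above (subject-name and rsakeypair lines left out), and the finding texts are this example's own wording.

```python
import re

# Constructed sample built from the lines quoted in the post; IOS indents
# trustpoint sub-commands by one space (subject-name/rsakeypair lines omitted).
SAMPLE_CONFIG = """\
aaa new-model
aaa authentication login default local
aaa authorization exec default local
aaa session-id common
crypto pki trustpoint TP-self-signed-3860224465
 enrollment selfsigned
 revocation-check none
crypto pki trustpoint TP-self-signed-1675739775
 enrollment selfsigned
 revocation-check none
"""

def parse_blocks(text):
    """Group indented sub-commands under their parent line: {parent: [children]}."""
    blocks, parent = {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.startswith("!"):  # skip blanks and '!' separators
            continue
        if raw.startswith(" ") and parent is not None:
            blocks[parent].append(raw.strip())
        else:
            parent = raw.strip()
            blocks.setdefault(parent, [])
    return blocks

def audit(text):
    """Return (item, note) pairs describing what the AAA and trustpoint lines mean."""
    blocks = parse_blocks(text)
    findings = []
    if "aaa new-model" in blocks:
        findings.append(("aaa new-model", "AAA enabled; method lists govern console/VTY logins"))
    for line in blocks:
        m = re.match(r"aaa (authentication login|authorization exec) (\S+) (.+)", line)
        if m:  # method list: 'group <name>' means a remote AAA server, 'local' the router DB
            methods = m.group(3).split()
            kind = "includes remote server group(s)" if "group" in methods else "local user database only"
            findings.append((line, "%s list %r, methods %s: %s" % (m.group(1), m.group(2), methods, kind)))
    for line, children in blocks.items():
        if line.startswith("crypto pki trustpoint "):
            name = line.split()[-1]
            if "enrollment selfsigned" in children:
                findings.append((name, "self-signed: no CA issued it; peers must trust this cert explicitly"))
            if "revocation-check none" in children:
                findings.append((name, "revocation-check none: no CRL/OCSP check for this trustpoint"))
    return findings
```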
