1. Please make the following networking topology


  2. After completion configuring ip address on whole devices, please configuring your AAA Server like you look on the picture below.


  3. Consider your configuration on :
    1. IP address on whole devices
    2. Routing table on R0 and R1
    3. Enable Secret
    4. AAA
    5. Line console
    6. Line vty

    Following is the complete configuration of each router.

    —–Router 0 ————–

    Current configuration : 906 bytes

    !

    version 12.4

    no service timestamps log datetime msec

    no service timestamps debug datetime msec

    no service password-encryption

    !

    hostname R0

    !

    !

    enable secret 5 $1$mERr$hx5rVt7rPNoS4wqbXKX7m0

    !

    aaa new-model

    !

    aaa authentication login console-login group tacacs+

    !

    ip cef

    no ipv6 cef

    !

    spanning-tree mode pvst

    !

    interface FastEthernet0/0

    ip address 192.168.2.1 255.255.255.0

    duplex auto

    speed auto

    !

    interface FastEthernet0/1

    ip address 192.168.1.1 255.255.255.0

    duplex auto

    speed auto

    !

    interface Vlan1

    no ip address

    shutdown

    !

    ip classless

    ip route 192.168.3.0 255.255.255.0 192.168.2.4

    !

    ip flow-export version 9

    !

    !

    tacacs-server host 192.168.1.2 key rahasia

    !

    !

    line con 0

    login authentication console-login

    !

    line aux 0

    !

    line vty 0 4

    login authentication console-login

    line vty 5 15

    login authentication console-login

    !

    !

    !

    End

    —————–Router 1————

    Current configuration : 865 bytes

    !

    version 12.4

    no service timestamps log datetime msec

    no service timestamps debug datetime msec

    no service password-encryption

    !

    hostname Router

    !

    !

    enable secret 5 $1$mERr$hx5rVt7rPNoS4wqbXKX7m0

    !

    !

    aaa new-model

    !

    aaa authentication login console-login group tacacs+

    !

    !

    ip cef

    no ipv6 cef

    !

    !

    spanning-tree mode pvst

    !

    interface FastEthernet0/0

    ip address 192.168.2.4 255.255.255.0

    duplex auto

    speed auto

    !

    interface FastEthernet0/1

    ip address 192.168.3.1 255.255.255.0

    duplex auto

    speed auto

    !

    interface Vlan1

    no ip address

    shutdown

    !

    ip classless

    ip route 0.0.0.0 0.0.0.0 192.168.2.1

    !

    ip flow-export version 9

    !

    tacacs-server host 192.168.1.2 key rahasia1

    !

    line con 0

    login authentication console-login

    !

    line aux 0

    !

    line vty 0 4

    login authentication console-login

    line vty 5 15

    login authentication console-login

    !

    end

  4. Testing can be done by :
    1. Login console and enter the user password that you created in the server AAA.


    2. Login to router0 or router 1 via telnet login


        

About tacacs please visit :

  1. http://www.tacacs.net/
  2. https://en.wikipedia.org/wiki/TACACS
  3. https://www.google.co.id/search?site=&source=hp&q=tacasc&oq=tacasc&gs_l=hp.3..0i13l10.3019.8613.0.9995.10.9.1.0.0.0.251.1243.0j3j3.6.0….0…1c.1.64.hp..4.6.1026.0.wsV-RCuXkvQ
  4. http://elektro.undip.ac.id/el_kpta/wp-content/uploads/2012/05/L2F007045_MKP.pdf