!配置本地用户名和密码
R1(config)#username hello privilege 15 secret 0 world
!开户AAA
R1(config)#aaa new-model
!指定ACS为tacacs服务器地址-----旧语法
R1(config)#tacacs-server host 192.168.11.56 key cisco123
!新语法
R1(config)#tacacs server vmacs56
R1(config-server-tacacs)#address ipv4 192.168.11.56
R1(config-server-tacacs)#key cisco123
!配置AAA服务器组
R1(config)#aaa group server tacacs+ mygroup1
R1(config-sg-tacacs+)#server 192.168.11.56
!配置认证和授权方法列表
R1(config)#aaa authentication login myauthenlist group mygroup1 local
R1(config)#aaa authorization exec myauthorlist group mygroup1 local
!在VTY线路下指定认证和授权
R1(config)#line vty 0 4
R1(config-line)#login authentication myauthenlist
R1(config-line)#authorization exec myauthorlist
!测试
R1#test aaa group mygroup1 111 123456 legacy
Attempting authentication test to server-group mygroup1 using tacacs+
User was successfully authenticated.