Arista EOS AAA configuration for management with Radius protocol and Cisco ISE
Today I will write about AAA configuration (SSH authentication, authorization and accounting) for Arista EOS switches with Cisco ISE as authentication server and AAA protocol will be Radius . Our topology is very simple. One Arista switch and One Cisco ISE server is running on the same network. We are not focusing on network segmentation or security. We are focusing on configuration of AAA with radius protocol from switch management perspective (ssh/telnet). Our topology looks like below - 01 - Network Topology We have a management network 192.168.199.0/24. The switch is at .134 and Cisco ISE is at .49 IP address. We are running the latest version of ISE - version 3.0. Let's define our AAA requirements - Arista switches comes with two pre defined user roles - "network-admin" and "network-operator" . We will use those two roles. One user after successful authentication from radius server (ISE), will be authorized as "network-admin" and will get read-