Groups of AAA servers
- By default, Cisco ios automatically groups RADIUS & TACACS+ servers configured with the radius-server host & tacacs-server host commands into groups
- The aaa authentication command includes the keyword group radius or group tacacs+ to refer to these default groups.
- By default, all defined RADIUS servers end up in the radius group, and all defined TACACS+ servers end up in the tacacs+ group.
- In case of large servers, make different sets of RADIUS or TACACS+ servers.
- servers can be grouped by name using the command
- aaa authentication enable default group fred local
- aaa authentication login default group fred none