Cisco CCNA (640-553) Security Training
Using the “cache authentication profile” command
By Charles Ross CCNA - CCNP #CSCO10444244
In today’s article, I’m going to quickly inform you about the Cisco IOS server group configuration mode command named “cache authentication profile”.
Network administrators (like you) use the “cache authentication profile” command to indicate a cache authentication profile to use in a named RADIUS or TACACS+ server group.
In other words, CCNAs use the command to specify a cache authentication profile for either a RADIUS or TACACS+ server group.
Below is the command’s syntax:
cache authentication profile name
As you can see, the command is very easy to implement; and the name argument is used to give the cache authentication profile a name.
Below is an example of the command being used:
Router>enable
Router#configure terminal
Router(config)#aaa new-model
Router(config)#aaa group server radius networkradiusauthentication
Router(config-sg-radius)#cache authentication profile ittechtips-authen-profile
In the example above, all radius servers that belong to the “networkradiusauthentication” RADIUS server group; will cache their authentication responses according to the rules that have been configured within the authentication profile named “ittechtips-authen-profile”.
Note: Cisco recommends that you configure the authentication profile first, before you apply it to any RADIUS or TACACS+ server group to avoid an error message.
And, like with mostly all Cisco IOS commands; you can use the word “no” in front of the command to remove (disable) the configured command; like you see below:
Router(config-sg-radius)#no cache authentication profile ittechtips-authen-profile
By the way, if you decide to use the command, make sure your router(s) is running Cisco IOS 12.2(28)SB or higher.
I hope this article was very informative and helped you quickly understand the usage of the cache authentication profile command. If you need to learn more; I suggest you visit my website, (www.ccnaittechtips.com) were you’ll find the latest information regarding the Cisco CCNA (640-553) Security exam techniques.
To your success,
Charles Ross
CCNA- CCNP #CSCO10444244