I have 500 routers. Right now we are using local accounts set up on each router to let our admins log into the routers. Whenever an admin leaves, we have to go around to 500 routers and delete that username and add the new guy.
Is it possible to set up a router to use AAA authentication to a Radius server to authenticate telnet access?
That way I just take the ex-employee out of the radius group and he no longer can get into our routers.
If this is possible, would someone be so kind as to point me to a sample config. I am having a hell of a time finding anything on cisco.com.
Thank you