ADTRAN Total Access 5000 - Configure Authentication Method

To Next Page

To Previous Page

Section 3, Common Provisioning - Provision Authentication, Authorization, and Accounting (AAA)

65K510DEP08-1A 3-21

Configure Authentication Method

TheTotalAccess5000usesthefollowingpriorityofauthenticationmethods:

1. Ifenabled,theTotalAccess5000attemptstoauthenticatetheuserviaEmergencyEntry

Port(EEP).IfEEPisnotenabledortheusernamesuppliedisnotasupportedEEPuser‐

name,theTotalAccess5000proceedstothenext

step.

TheEEPisalocalauthenticationmethodthatcanbeemployedinscenarioswhereall

otherauthenticationmethodsareunsuccessful.WhenEEPisenabled,theusercanenter

apredeterminedusernameCHALLENGEtogainaccesstothesystem.Theuseristhen

presentedachallengekey.Thecorrectresponseto

thischallengekeycanbeacquired

fromADTRANTechnicalSupport.Ifthecorrectresponseisissued,thentheuseris

loggedinwithlocalAdminprivileges.

WhenEEPisenabledandtheCHALLENGEusernameisenteredattheloginprompt,the

networkelementpresentsthechallengekeyimmediately,anddoesnot

requesta

password.Thisistrueregardlessofhowtheauthenticationloginmethodlistis

configured.

NOTE

UsecautionwhendisablingEEP.PriortodisablingEEP,considerationsmust

be given to options for recovery during conditions when all other

authenticationmethodsdenyaccess.

2. Ifenabled,theTotalAccess5000attemptstoauthenticatetheuserusingtheconfigured

TA CACS+server(s).IfTACACS+isnotenabledortheTotalAccess5000 isunableto

connecttoaTACACS+server,theTotalAccess5 000proceedstothenextstep.

3. Ifenabled,theTotalAccess

5000attemptstoauthenticatetheuserusingtheconfigured

RADIUSserver(s).IfRADIUSisnotenabledortheTotalAccess5000isunabletoconnect

toaRADIUSserver,theTotalAccess5000proceedstothenextstep.

4. Ifenabled,theTotalAccess5000authenticatestheuserusingthelocallyprogrammed



useraccounts.Iflocalauthenticationisnotenabled,theTotalAccess5000rejectsthe

NOTE

IftheTotalAccess5000connectsto aTACACS+serveror,then,aRADIUS

server,andtheserverrejectstheloginattempt,theTotalAccess5000doesnot

proceedtothe nextauthenticationmethod.Itrejectstheloginat tempt.A

fallbacktothenextmethodoccursonlyifa timeoutoccurson

allserversofa

givenprotocol(TACACS+orRADIUS).

Toconfiguretheauthenticationmethod(s)tobeused,completethefollowingprocedure:

1. FromtheEnableprompt,type

configure terminal,andpressENTERtoaccesstheGlo‐

balConfigurationprompt.

2. FromtheGlobalConfigurationprompt,type

aaa authentication login default

group tacacs+ [group radius|local]

,andpressENTER.

ADTRAN Total Access 5000 - Configure Authentication Method

Table of Contents

Other manuals for ADTRAN Total Access 5000

Related product manuals