Enabling and disabling passwords
After you set the read-only and read-write passwords, you can individually enable or disable
them for the various switch-access methods. T
o enable passwords, perform the following
task.
1. Access ACLI through the Telnet protocol or a Console connection.
2. From the command prompt, use the cli password command to enable the
desired password.
cli password {telnet | serial} {none | local | radius |
tacacs}
The following table explains the parameters for the cli password command.
Table 11: cli password parameters
Parameter Description
{telnet | serial} Specify whether the password is enabled or
disabled for T
elnet or the console. Telnet and
Web access are connected so that enabling or
disabling passwords for one enables or
disables passwords for the other.
none | local | radius | tacacs Specifies the password type to modify:
• none: disables the password.
• local: uses the locally defined password for
serial console or Telnet access.
• radius: uses RADIUS authentication for serial
console or Telnet access.
• tacacs : uses TACACS+ authentication,
authorization, and accounting (AAA) services
for serial console or Telnet access.
3. Press Enter.
Configuring RADIUS authentication
The Remote
Authentication Dial-In User Service (RADIUS) protocol is a means to authenticate
users through a dedicated network resource. This network resource contains a list of eligible
user names and passwords and their associated access rights. When RADIUS is used to
authenticate access to a switch, the user supplies a user name and password and this
information is checked against the existing list. If the user credentials are valid they can access
the switch.
System configuration using ACLI
72 Configuration — System April 2011
To Next Page
Loading...
