PurposeCommand or Action
• enable—Use the enable password for authentication. Before you can use
this authentication method, you must define an enable password by using
the enable password global configuration command.
• group tacacs+—Uses TACACS+ authentication. Before you can use
this authentication method, you must configure the TACACS+ server.
For more information, see the Identifying the TACACS+ Server Host
and Setting the Authentication Key, on page 45.
• line —Use the line password for authentication. Before you can use this
authentication method, you must define a line password. Use the
password password line configuration command.
• local—Use the local username database for authentication. You must
enter username information in the database. Use the username password
global configuration command.
• local-case—Use a case-sensitive local username database for
authentication. You must enter username information in the database by
using the username name password global configuration command.
• none—Do not use any authentication for login.
Enters line configuration mode, and configures the lines to which you want
to apply the authentication list.
line [console | tty | vty] line-number
[ending-line-number]
Example:
Switch(config)# line 2 4
Step 5
Applies the authentication list to a line or set of lines.login authentication {default |
list-name}
Step 6
•
If you specify default, use the default list created with the aaa
authentication login command.
Example:
Switch(config-line)# login
•
For list-name, specify the list created with the aaa authentication login
command.
authentication default
Returns to privileged EXEC mode.end
Example:
Switch(config-line)# end
Step 7
Verifies your entries.show running-config
Example:
Switch# show running-config
Step 8
Catalyst 2960-X Switch Security Configuration Guide, Cisco IOS Release 15.0(2)EX
OL-29048-01 49
Configuring TACACS+
Configuring TACACS+ Login Authentication
To Next Page
Loading...
Need help?
General
Weight and Dimensions
