AAA Service Configuration Options
On Cisco Nexus devices, you can have separate AAA configurations for the following services:
•
User Telnet or Secure Shell (SSH) login authentication
•
Console login authentication
•
User management session accounting
The following table lists the CLI commands for each AAA service configuration option.
Table 2: AAA Service Configuration Commands
Related CommandAAA Service Configuration Option
aaa authentication login defaultTelnet or SSH login
aaa authentication login consoleConsole login
aaa accounting defaultUser session accounting
You can specify the following authentication methods for the AAA services:
• RADIUS server groups—Uses the global pool of RADIUS servers for authentication.
• Specified server groups—Uses specified RADIUS or TACACS+ server groups for authentication.
• Local—Uses the local username or password database for authentication.
• None—Uses only the username.
If the method is for all RADIUS servers, instead of a specific server group, the Cisco Nexus devices choose
the RADIUS server from the global pool of configured RADIUS servers in the order of configuration.
Servers from this global pool are the servers that can be selectively configured in a RADIUS server group
on the Cisco Nexus devices.
Note
The following table describes the AAA authentication methods that you can configure for the AAA services.
Table 3: AAA Authentication Methods for AAA Services
AAA MethodsAAA Service
Server groups, local, and noneConsole login authentication
Server groups, local, and noneUser login authentication
Server groups and localUser management session accounting
Cisco Nexus 3600 NX-OS Security Configuration Guide, Release 7.x
9
Configuring AAA
AAA Service Configuration Options
To Next Page
Loading...
Need help?
General