Purpose / Command or Action
Use the config-commands keyword to authorize configuration mode commands.
Example:
switch(config)# aaa authorization config-commands default group tac1
Use the group, local, or none keywords to identify the authorization method.
Example:
switch# aaa authorization commands default group tac1
The following example shows how to authorize EXEC mode commands with TACACS+ server group tac1:
switch# aaa authorization commands default group tac1
The following example shows how to authorize configuration mode commands with TACACS+ server group tac1:
switch(config)# aaa authorization config-commands default group tac1
The following example shows how to authorize configuration mode commands with TACACS+ server group tac1:
• If the server is reachable, the command is allowed or not allowed based on the server response.
• If there is an error reaching the server, the command is authorized based on the user's local role.
switch(config)# aaa authorization config-commands default group tac1 local
The following example shows how to authorize configuration mode commands with TACACS+ server group tac1:
• If the server is reachable, the command is allowed or not allowed based on the server response.
• If there is an error reaching the server, allow the command regardless of the local role.
switch# aaa authorization commands default group tac1 none
The following example shows how to authorize EXEC mode commands regardless of the local role:
switch# aaa authorization commands default none
The following example shows how to authorize EXEC mode commands using the local role for authorization:
switch# aaa authorization commands default local
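The method lists above differ mainly in what happens when the TACACS+ server cannot be reached. The following Python script is an added example, not part of the Cisco guide: it classifies each aaa authorization line in a configuration by that fallback behavior. The verdict labels, function names, and sample configuration are constructed for illustration, and tokens after the group keyword are assumed to be server group names.

```python
import re

# Matches the command forms shown above, with or without a CLI prompt prefix.
AUTHZ_RE = re.compile(r"^\s*(?:\S+#\s*)?aaa authorization (commands|config-commands) default\s+(.+?)\s*$")

def parse_methods(rest):
    """'group tac1 local' -> [('group', ['tac1']), ('local', [])]; None if unparseable."""
    methods = []
    for tok in rest.split():
        if tok in ("group", "local", "none"):
            methods.append((tok, []))
        elif methods and methods[-1][0] == "group":
            methods[-1][1].append(tok)    # assumption: names after 'group' are server groups
        else:
            return None
    if not methods or any(kind == "group" and not names for kind, names in methods):
        return None                       # empty list, or 'group' with no server group name
    return methods

def classify(methods):
    """Label a method list by its behavior when the server cannot be reached."""
    if methods is None:
        return "unparsed"
    kinds = [kind for kind, _ in methods]
    if kinds == ["none"]:
        return "no-authorization"         # commands authorized regardless of the local role
    if kinds == ["local"]:
        return "local-role-only"          # the local role is the only authorization source
    if kinds[-1] == "none":
        return "fail-open"                # server error: allowed regardless of the local role
    if kinds[-1] == "local":
        return "fall-back-to-local-role"  # server error: the user's local role decides
    return "server-only"                  # no fallback method listed on the line

def audit(config_text):
    """Return (scope, method list, verdict) for each aaa authorization line."""
    hits = filter(None, map(AUTHZ_RE.match, config_text.splitlines()))
    return [(m.group(1), m.group(2), classify(parse_methods(m.group(2)))) for m in hits]

# Constructed sample input built from the command forms on this page.
SAMPLE = """\
aaa authorization config-commands default group tac1 local
aaa authorization commands default group tac1 none
aaa authorization commands default none
aaa authorization commands default local
aaa authorization config-commands default group tac1
"""

if __name__ == "__main__":
    print("\n".join(f"{v:24}{s:16}{m}" for s, m, v in audit(SAMPLE)))
```

Lines reported as fail-open or no-authorization are the ones to review first, because a server outage or the absence of a server check leaves commands authorized regardless of the user's local role.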
Enabling MSCHAP Authentication
Microsoft Challenge Handshake Authentication Protocol (MSCHAP) is the Microsoft version of CHAP. You
can use MSCHAP for user logins to a Cisco Nexus device through a remote authentication server (RADIUS
or TACACS+).
Cisco Nexus 3600 NX-OS Security Configuration Guide, Release 7.x
Configuring AAA