Send feedback to nx5000-docfeedback@cisco.com
1-7
Cisco Nexus 5000 Series Switch CLI Software Configuration Guide
OL-16597-01
Chapter 1 Configuring AAA
Configuring AAA
Note If you are familiar with the Cisco IOS CLI, be aware that the Nexus 5000 Series commands for this
feature might differ from the Cisco IOS commands that you would use.
Configuring Console Login Authentication Methods
This section describes how to configure the authentication methods for the console login.
The authentication methods include the following:
• Global pool of RADIUS servers
• Named subset of RADIUS or TACACS+ servers
• Local database on the Nexus 5000 Series switch
• Username only (none)
The default method is local.
Note The group radius and group server-name forms of the aaa authentication command are used for a set
of previously defined RADIUS servers. Use the radius server-host command to configure the host
servers. Use the aaa group server radius command to create a named group of servers.
Before you configure console login authentication methods, configure RADIUS or TACACS+ server
groups as needed. To configure console login authentication methods, perform this task:
Command Purpose
Step 1
switch# configure terminal
Enters configuration mode.
Step 2
switch(config)# aaa authentication login
console {group group-list [none]| local |
none}
Configures login authentication methods for the
console.
The group-list argument consists of a
space-delimited list of group names. The group
names are the following:
• radius—Uses the global pool of RADIUS
servers for authentication.
• named-group—Uses a named subset of
TACACS+ or RADIUS servers for
authentication.
The local method uses the local database for
authentication. The none method uses the username
only.
The default console login method is local, which is
used when no methods are configured or when all of
the configured methods fail to respond.
Step 3
switch(config)# exit
Exits configuration mode.
To Next Page
Loading...
