Configuring Authentication, Authorization, and Accounting 185
Authentication Examples
It is important to understand that during authentication, all that happens is
that the user is validated. If any attributes are returned from the server, they
are not processed during authentication. In the examples below, it is assumed
that the default configuration of authorization—that is, no authorization—is
used.
Local Authentication Example
Use the following configuration to require local authentication when logging
in over a telnet connection:
aaa authentication login “loc” local
line telnet
login authentication loc
exit
username guest password password
passwords strength minimum numeric-characters 2
passwords strength minimum character-classes 4
passwords strength-check
username admin password paSS1&word2 privilege 15
passwords lock-out 3
The following describes each line of this code:
•The
aaa authentication login “loc” local
command
creates a login authentication list called “loc” that contains the method
local.
•The
line telnet
command enters the configuration mode for the
telnet line.
•The
login authentication loc
command assigns the loc login
authentication list to be used for users accessing the switch via telnet.
Table 10-4. Accounting Methods
Method Commands Dot1x Exec
radius no yes yes
tacacs yes no yes
To Next Page
Loading...
