C
HAPTER
14
| Security Measures
AAA Authorization and Accounting
– 270 –
CONFIGURING AAA
AUTHORIZATION
Use the Security > AAA > Authorization page to enable authorization of
requested services, and also to display the configured authorization
methods, and the methods applied to specific interfaces.
CLI REFERENCES
◆ "AAA" on page 595
COMMAND USAGE
◆ This feature performs authorization to determine if a user is allowed to
run an Exec shell.
◆ AAA authentication through a RADIUS or TACACS+ server must be
enabled before authorization is enabled.
PARAMETERS
These parameters are displayed:
Configure Method
◆ Authorization Type – Specifies the service as Exec, indicating
administrative authorization for local console, Telnet, or SSH
connections.
◆ Method Name – Specifies an authorization method for service
requests. The “default” method is used for a requested service if no
other methods have been defined. (Range: 1-255 characters)
◆ Server Group Name - Specifies the authorization server group.
(Range: 1-255 characters)
The group name “tacacs+” specifies all configured TACACS+ hosts (see
"Configuring Local/Remote Logon Authentication" on page 259). Any
other group name refers to a server group configured on the TACACS+
Group Settings page. Authorization is only supported for TACACS+
servers.
Configure Service
◆ Console Method Name – Specifies a user defined method name to
apply to console connections.
◆ Telnet Method Name – Specifies a user defined method name to
apply to Telnet connections.
Show Information
◆ Authorization Type - Displays the authorization service.
◆ Method Name - Displays the user-defined or default accounting
method.
◆ Server Group Name - Displays the authorization server group.
To Next Page
Loading...
Need help?
General