ESR series service routers.ESR-Series. User manual
•
•
•
Step Description Command Keys
22 Activate authentication list of
user privileges elevation.
esr(config-line-console)# enable
authentication <NAME>
<NAME> – list name, set by the
string of up to 31 characters.
Created in step 15.
13.1.5 Example of authentication configuration using telnet via RADIUS server
Objective:
Configure authentication for users connected via Telnet and RADIUS (192.168.16.1/24).
Solution:
Configure connection to RADIUS server and specify the key (password):
esr# configure
esr(config)# radius-server host 192.168.16.1
esr(config-radius-server)# key ascii-text encrypted 8CB5107EA7005AFF
esr(config-radius-server)# exit
Create authentication profile:
esr(config)# aaa authentication login log radius
Specify authentication mode used for Telnet protocol connection:
esr(config)# line telnet
esr(config-line-telnet)# login authentication log
esr(config-line-telnet)# exit
esr(config)# exit
To view the information on RADIUS server connection settings, use the following command:
esr# show aaa radius-servers
To view the authentication profiles, use the following command:
esr# show aaa authentication
13.2 Command privilege configuration
Command privilege configuration is a flexible tool that allows you to assign baseline user privilege level (1–15)
to a command set. In future, you may specify privilege level during user creation which will define a command
set available to them.
Levels 1-9 enable all monitoring commands (show …);
Levels 10-14 enable all commands except for device reboot, user management and other specific
commands;
Level 15 enables all monitoring commands.
To Next Page
Loading...