EasyManuals Logo

Foundry Networks Switch and Router User Manual

Default Icon
1070 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #89 background imageLoading...
Page #89 background image
Securing Access to Management Functions
December 2000 3 - 25
with the server, local authentication is used instead. If local authentication fails, no authentication is used; the
device automatically permits access.
Syntax: [no] aaa authentication enable | login default <method1> [<method2>] [<method3>] [<method4>]
[<method5>] [<method6>] [<method7>]
The web-server | enable | login parameter specifies the type of access this authentication-method list controls.
You can configure one authentication-method list for each type of access.
NOTE: If you configure authentication for Web management access, authentication is performed each time a
page is requested from the server. When frames are enabled on the Web management interface, the browser
sends an HTTP request for each frame. The Foundry device authenticates each HTTP request from the browser.
To limit authentications to one per page, disable frames on the Web management interface.
The <method1> parameter specifies the primary authentication method. The remaining optional <method>
parameters specify additional methods to try if an error occurs with the primary method. A method can be one of
the values listed in the Method Parameter column in the following table.
NOTE: For examples of how to define authentication-method lists for types of authentication other than TACACS/
TACACS+, see Configuring Authentication-Method Lists on page 3-47.
Configuring TACACS+ Authorization
Foundry devices support TACACS+ authorization for controlling access to management functions in the CLI.
Two kinds of TACACS+ authorization are supported:
Exec authorization determines a users privilege level when they are authenticated
Command authorization consults a TACACS+ server to get authorization for commands entered by the user
Table 3.2: Authentication Method Values
Method Parameter Description
line Authenticate using the password you configured for Telnet access. The
Telnet password is configured using the enable telnet password
command. See Setting a Telnet Password on page 3-9.
enable Authenticate using the password you configured for the Super User
privilege level. This password is configured using the enable super-
user-password command. See Setting Passwords for Management
Privilege Levels on page 3-10.
local Authenticate using a local user name and password you configured on
the device. Local user names and passwords are configured using the
username command. See Configuring a Local User Account on
page 3-13.
tacacs Authenticate using the database on a TACACS server. You also must
identify the server to the device using the tacacs-server command.
tacacs+ Authenticate using the database on a TACACS+ server. You also must
identify the server to the device using the tacacs-server command.
radius Authenticate using the database on a RADIUS server. You also must
identify the server to the device using the radius-server command.
none Do not use any authentication method. The device automatically
permits access.

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Foundry Networks Switch and Router and is the answer not in the manual?

Foundry Networks Switch and Router Specifications

General IconGeneral
BrandFoundry Networks
ModelSwitch and Router
CategorySwitch
LanguageEnglish

Related product manuals