authentication default
Use authentication default to specify the default authentication method for an ISP domain.
Use undo authentication default to restore the default.
Syntax
In non-FIPS mode:
authentication default { hwtacacs-scheme hwtacacs-scheme-name [ radius-scheme
radius-scheme-name ] [ local ] [ none ] | ldap-scheme ldap-scheme-name [ local ] [ none ] | local [ none ]
| none | radius-scheme radius-scheme-name [ hwtacacs-scheme hwtacacs-scheme-name ] [ local ]
[ none ] }
undo authentication default
In FIPS mode:
authentication default { hwtacacs-scheme hwtacacs-scheme-name [ radius-scheme
radius-scheme-name ] [ local ] | ldap-scheme ldap-scheme-name [ local ] | local | radius-scheme
radius-scheme-name [ hwtacacs-scheme hwtacacs-scheme-name ] [ local ] }
undo authentication default
Default
The default authentication method of an ISP domain is local.
Views
ISP domain view
Predefined user roles
network-admin
Parameters
hwtacacs-scheme hwtacacs-scheme-name: Specifies an HWTACACS scheme by its name, a
case-insensitive string of 1 to 32 characters.
ldap-scheme ldap-scheme-name: Specifies an LDAP scheme by its name, a case-insensitive string of 1 to
32 characters.
local: Performs local authentication.
none: Does not perform authentication.
radius-scheme radius-scheme-name: Specifies a RADIUS scheme by its name, a case-insensitive string of
1 to 32 characters.
Usage guidelines
The default authentication method is used for all users who support this method and do not have a
specific authentication method configured.
You can specify multiple default authentication methods, one primary and multiple backup methods.
When the primary method is invalid, the device attempts to use the backup methods in sequence. For
7