16
[Sysname-isp-test] authentication ppp radius-scheme rd local
Related commands
• authentication default
• hwtacacs scheme
• local-user
• radius scheme
authentication super
Use authentication super to specify a method for user role authentication.
Use undo authentication super to restore the default.
Syntax
authentication super { hwtacacs-scheme hwtacacs-scheme-name | radius-scheme radius-scheme-name }
*
undo authentication super
Default
The default authentication method of the ISP domain is used for user role authentication.
Views
ISP domain view
Predefined user roles
network-admin
Parameters
hwtacacs-scheme hwtacacs-scheme-name: Specifies an HWTACACS scheme by its name, a
case-insensitive string of 1 to 32 characters.
radius-scheme radius-scheme-name: Specifies a RADIUS scheme by its name, a case-insensitive string of
1 to 32 characters.
Usage guidelines
You can specify one authentication method and one backup authentication method to use in case that
the previous authentication method is invalid.
If you specify a scheme to provide the method for user role authentication, the method applies only to
users whose user role is in the format of level-n.
• If an HWTACACS scheme is specified, the device uses the entered username for role authentication.
The username must already exist on the HWTACACS server to represent the highest user level that
a user can obtain. For example, to obtain a level-3 user role whose username is test, the device uses
test@domain-name or test for role authentication, depending on whether the domain name is
required.
• If a RADIUS scheme is specified, the device uses the username $enabn$ on the RADIUS server for
role authentication of any usernames. The variable n is the same as the level of the target user role.
For example, to obtain a level-3 user role, the device uses $enab3$@domain-name or $enab3$,
depending on whether the domain name is required.
To Next Page
Loading...
Need help?
General
