2-71
Controlling Management Access to the ProCurve Secure Router
Quick Start
Enabling AAA
If you want to use AAA for authentication, authorization, or accounting, you
must first enable the AAA subsystem by entering the following command from
the global configuration mode context:
ProCurve(config)# aaa on
Configuring Authentication with AAA
1. Create a list of authentication methods, called a named list, for the enable
mode context.
Syntax: aaa authentication enable default [none | line | enable | {group
<groupname> | radius | tacacs+}]
For example, you might enter:
ProCurve(config)# aaa authentication enable default enable line
Note If you specify a RADIUS or TACACS+ server, you must define that server.
See “Defining a RADIUS Server” on page 2-76 and “Defining a TACACS+
Server” on page 2-76.
2. Create a named list for the router’s access lines (such as the console line
and the Telnet lines).
Syntax: aaa authentication login [default | <listname>] [none | line | enable | local
| {group <groupname> | radius | tacacs+}]
Replace <listname> with the name that you want to use to refer to the
named list that you create. For example, you might enter:
ProCurve(config)# aaa authentication login LoginList enable line local
3. Assign the named list to the console line, Telnet lines, FTP, or Web access.
Move to the appropriate line configuration mode context and enter:
Syntax: login authentication <named list>
You do not have to complete this step to configure AAA authentication
methods for the enable mode.
Remember to save your configuration changes by entering write memory
from the enable mode context.
To Next Page
Loading...
Need help?
General
