Management Commands
624
ProSafe Managed Switch
aaa authentication login
Use this command to set authentication at login. The default and optional list names that you
create with the
aaa authentication login command are used with the login
authentication command. Create a list by entering the aaa authentication login
list-name method command for a particular protocol, where list-name is any character
string used to name this list. The
method argument identifies the list of methods that the
authentication algorithm tries, in the given sequence. The additional methods of
authentication are used only if the previous method returns an error, not if it fails.
An example of a method that returns an error is if a RADIUS server is not present, and an
example of a method failing is when a RADIUS server cannot authenticate the client. If ‘local’
method is listed first, since local authentication is always available, it only has the fail
condition, not error. As such, if ‘local’ method is the first in the list, no other method will be
tried.
To ensure that the authentication succeeds even if all methods return an error, specify
none
as the final method in the command line. For example if
none is specified as an
authentication method after
radius, no authentication is used if the radius server is down.
Format aaa authentication login {default | list-name} method1 [method2...]
Mode
Default Uses the listed authentication methods that follow this argument as the default list of
methods when a user logs in.
list-name Character string used to name the list of authentication methods activated when a
user logs in. Up to 12 characters.
method1 [method2…] At least one from the following table:
enable
line
local
none
radius
tacacs
Note: The local user database is checked. This has the same effect
as the following command: aaa authentication login local
Global Config
Keyword Description
Uses the enable password for authentication.
Uses the line password for authentication.
Uses the local username database for authentication.
Uses no authentication.
Uses the list of all RADIUS servers for authentication.
Uses the list of all TACACS servers for authentication.
To Next Page
Loading...
