EasyManua.ls Logo

Quanta Cloud Technology QuantaMesh QNOS5

Quanta Cloud Technology QuantaMesh QNOS5
256 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
127
radiusSends the user's ID and password a RADIUS server to be authenticated. The method
returns an error if the switch is unable to contact the server.
tacacs+ Sends the user's ID and password to a TACACS+ server to be authenticated. The
method returns an error if the switch is unable to contact the server.
noneNo authentication is used. This method never returns an error.
deny
Access is denied. This method never returns an error.
An authentication method might require a user name and password to be supplied, a password only, or no
user information. Some methods return errors when authentication fails, while other methods do not. The
following table summarizes the method user name/password requirements and error behavior.
Method
User Name Required
Password Required
Error Returned
Local
Yes
Yes
No
RADIUS
Yes
Yes
Yes
TACACS+
Yes
Yes
Yes
Enable
No
Yes
Yes
Line
No
Yes
Yes
None
No
No
No
Deny
No
No
No
Table 4-1: Authentication Method Summary
You can use the same Authentication Profile for all access types, or select or create a variety of profiles
based on how a user attempts to access the switch management interface. Profiles can be applied to each of
the following access types:
LoginAuthenticates all attempts to login to the switch.
EnableAuthenticates all attempts to enter Privileged EXEC mode.
ConsoleAuthenticates access through the console port.
TelnetAuthenticates users accessing the CLI by using telnet
SSHAuthenticates users accessing the CLI by using an SSH client.
The following authentication profiles are configured by default:
defaultListMethod is LOCAL, which means the user credentials are verified against the
information in the local user database.
networkListMethod is LOCAL, which means the user credentials are verified against the
information in the local user database.
enableListMethod is ENABLE, followed by NONE, which means that if the enable password
is not configured access is granted. If the enable password is configured and user fails to
authenticate then access is not granted.
enableNetList Method is ENABLE, followed by DENY, which means that if the enable
password is not configured access is denied. This list is applied by default for telnet and SSH.
In QNOS the enable password is not configured by default. That means that, by default,
telnet and SSH users will not get access to Privileged EXEC mode. However, a console user

Table of Contents