Configuration Guide AAA Configuration
In the example below, it is possible to pass the identity authentication even if the Radius server
returns TIMEOUT. aaa authentication login default group radius none
Since the keyword "none" enables any dialup user can pass the authentication
even if the security server has no reply, it is only used as the backup
authentication method. We suggest not using the "none" identity authentication
in general cases. In special case when all possible dialup users are trustful,
and no delay due to system fault is allowed for the user's work, it is possible to
use "none" as the last identity authentication method in case the security
server has no reply. And we recommend adding the local authentication
method before the ānoneā authentication method.
Use the local username database for
authentication
Do not perform authentication
Use Radius for authentication
The table above lists the AAA login authentication methods supported by our product.
Using the local database for Login authentication
To configure the login authentication with local database, it is required to configure the local
database first. Our product supports authentication based on the local database. To
establish the username authentication, run the following commands in the global
configuration mode:
Enter the global configuration mode.
username name [password password] or
username name [access-class number]
Establish the username authentication using
the password, or the access list.
username name [privilege level]
(Optional) Set the privilege level for the user.
username name [autocommand
command]
(Optional) Set the command auto-executed
after the user login.
Return to the privileged mode.
Confirm the configuration.
To define the local login authentication method list and apply it, run the following commands:
Enter the global configuration mode.
To Next Page
Loading...
