Configuration Guide AAA Configuration
Confirm the configured method list.
Enter the global configuration mode.
Enter the line configuration mode
login authentication {default |
list-name}
Return to the privileged mode.
Confirm the configuration.
Configuring the AAA Enable Authentication
This section deals with how to configure the AAA Enable authentication methods supported
by our product:
In many cases, the user needs to Telnet the network access server (NAS). After passing the
authentication, the user enters the Command Line Interface (CLI) and is assigned an initial
command execution privilege (0-15 level). You can execute different commans in different
levels and use the show privilege command to display the current level. For the details, see
using the CLI.
After logging in the CLI, you can use the enable command to improve the privilege level if
you fail to execute some commands due to low initial privilege level. To prevent the
unauthorized access to the network, the identity authentication, named Enable
authentication, is necessary when improving the privilege level.
To configure the AAA Enable authentication, execute the following command in the global
configuration mode:
Enter the global configuration mode.
aaa authentication enable default
method1 [method2...]
Define an enable authentication method list, for
example RADIUS.
Enter the line that needs to apply the AAA
authentication.
login authentication
{default|list-name}
Apply the method list on the line.
It can only define one enable authentication method list globally, so it is no need to define
the name of the method list. The keyword "method" means the actual algorithm for
authentication. Only when the current method returns ERROR(no reply), the next
authentication method will be attempted. If the current method returns FAIL, no
authentication method will be used any more. To make the authentication return successfully,
To Next Page
Loading...
