Configuration Guide Configuring AAA
negotiation through AAA. Run the aaa authentication login command to configure the default or optional
method lists for login authentication.
In a method list, the next method is executed only when the current method does not receive response.
After you configure login authentication methods, apply the methods to the VTY lines that require login
authentication; otherwise, the methods will not take effect.
 Defining a Method List of Enable Authentication
aaa authentication enable default method1 [ method2...]
default: With this parameter used, the configured method list will be defaulted.
list-name: Indicates the name of an Enable authentication method list in characters.
method: Indicates authentication methods from enable, local, none, and group. A method list contains up
to four methods.
enable: Indicates that the password that is configured using the enable command is used for authentication.
local: Indicates that the local user database is used for authentication.
none: Indicates that authentication is not performed.
group: Indicates that a server group is used for authentication. Currently, the RADIUS and TACACS+
server groups are supported.
Global configuration mode
If the AAA login authentication service is enabled on the NAS, users must perform Enable authentication
negotiation through AAA. Run the aaa authentication enable command to configure the default or optional
method lists for Enable authentication.
In a method list, the next method is executed only when the current method does not receive response.
 Defining a Method List of 802.1X Authentication
aaa authentication dot1x { default | list-name } method1 [ method2...]
default: With this parameter used, the configured method list will be defaulted.
list-name: Indicates the name of an 802.1X authentication method list in characters.
method: Indicates authentication methods from local, none, and group. A method list contains up to four
methods.
local: Indicates that the local user database is used for authentication.
none: Indicates that authentication is not performed.
group: Indicates that a server group is used for authentication. Currently, the RADIUS server group is
supported.
Global configuration mode
If the AAA 802.1X authentication service is enabled on the NAS, users must perform 802.1X authentication
negotiation through AAA. Run the aaa authentication dot1x command to configure the default or optional
method lists for 802.1X authentication.
In a method list, the next method is executed only when the current method does not receive response.
To Next Page
Loading...
Need help?
General
