D-Link DGS-6600-48T Product Manual - Page 38
Example, no aaa authentication, aaa group server, local, show aaa
View all D-Link DGS-6600-48T manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 38 highlights
DGS-6604 m Example aaa authentication Multiple methods for the login/enable authentication per application can be specified. The new setting will overwrite the old association. Use no aaa authentication to disable authentication for system access or to disable the login list of applications used for system access. To configure AAA authentication, first define a group of authentication servers (use aaa group server command). If a specified group server cannot be found, an error message is displayed. The group server defines the type of authentication to be performed and the sequence in which they will be performed. A method list describes authentication methods used in the sequential order listed. The method defines a security protocol, if any is used, for user authentication. More than one method can be defined to provide a backup authentication procedure. If the first method cannot be used or there is no response, the next method listed is used and so on for up to 2 defined methods. The process continues until either the user is authenticated successfully, or all methods listed are exhausted. Note that if, at any point, access is denied by an authentication method employed, the authentication process is stopped, no more methods are eligible and no other attempts to authenticate are made. The local method for authentication uses locally configured login and enable passwords to authenticate login attempts. The login and enable passwords are local to each switch and are not mapped to the individual user names. The local method is used by default for authentication if no method is listed. If a differnet authentication method is listed for login or enable, the switch will not attempt local authentication. In order to use AAA authentication, at least one local user account for login must first be created and the enable password set up. The following example sets a login method list for an authenticate login attempt from all of the applications (including console, telnet, ssh, http). The methods start from group2. Switch(config)# aaa authentication login group group2 local Switch(config)# Verify the settings by entering the show aaa command. CLI Reference Guide 28