D-Link DXS-3600-EM-4QXS CLI Guide - Page 57
aaa authentication enable
View all D-Link DXS-3600-EM-4QXS manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 57 highlights
Usage Guideline DXS-3600 Series 10GbE Layer 2/3 Switch CLI Reference Guide If the AAA login authentication security service is enabled on the device, users must use AAA for login authentication negotiation. You must use aaa authentication login to configure a default or optional method list for login authentication. The next method can be used for authentication only when the current method does not work. You need to apply the configured login authentication method to the terminal line which needs login authentication. Otherwise, the configured login authentication method is invalid. Example This example shows how to define an AAA login authentication method list, named 'list-1'. In the authentication method list, the RADIUS security server is used first for authentication. If the RADIUS security server does not respond, the local user database is used for authentication. After the login authentication method list has been created, you can use the Login Authentication Line Configuration command to apply this method list to the console, SSH, or other terminals. DXS-3600-32S#configure terminal DXS-3600-32S(config)#aaa authentication login list-1 group radius local DXS-3600-32S(config)# 6-3 aaa authentication enable This command is used to enable AAA enable authentication and configure the enable authentication method list. The no form of this command is used to delete the user authentication method list. aaa authentication enable default method1 [method2...] no aaa authentication enable default Parameters default method When this parameter is used, the following defined authentication method list is used as the default method for enable authentication. Syntax "{enable | none | group {radius | tacacs+ | group_name}}". Up to four methods supported: enable - Uses the enable password for authentication. none - By pass authentication. group - Can be followed by radius or tacas+ or a group_name "group radius" means use all RADIUS servers group "group tacacs+" means use all TACACS+ server group. "group group_name" is the specific group created via the 'aaa group server global' configuration command. Default Command Mode Command Default Level Usage Guideline None. On the console, the enable password is used if it exists. If no password is set, the process will succeed anyway. Global Configuration Mode. Level: 15 If the AAA enable authentication service is enabled on the device, users must use AAA for enable authentication negotiation. You must use aaa authentication enable to configure a default or optional method list for enable authentication. The next method can be used for authentication only when the current method does not work. The enable authentication function automatically takes effect after configuring the enable authentication method list. 49