1-5
authentication
Syntax
authentication
{
radius-scheme
radius-scheme-name
[
local
] |
hwtacacs-scheme
hwtacacs-scheme-name
[
local
] |
local
|
none
}
undo authentication
View
ISP domain view
Parameters
radius-scheme radius-scheme-name
: Specifies to use a RADIUS authentication scheme. Here,
radius-scheme-name
is a string of up to 32 characters.
hwtacacs-scheme hwtacacs-scheme-name
: Specifies to use an HWTACACS authentication scheme.
Here,
hwtacacs-scheme-name
is a string of up to 32 characters.
local
: Specifies to use local authentication scheme.
none
: Specifies not to perform authentication.
Description
Use the
authentication
command to configure an authentication scheme for current ISP domain.
Use the
undo authentication
command to restore the default authentication scheme setting of current
ISP domain.
By default, no separate authentication scheme is configured for an ISP domain.
Note that:
z
Before you can use the
authentication
command to reference a RADIUS scheme in current ISP
domain, the RADIUS scheme must already exist.
z
If you execute the
authentication radius-scheme radius-scheme-name local
command, the
local scheme is used as the secondary authentication scheme in case no RADIUS server is
available. That is, if the communication between the switch and a RADIUS server is normal, no
local authentication will be performed; otherwise, local authentication will be performed.
z
If you execute the
authentication hwtacacs-scheme hwtacacs-scheme-name local
command,
the local scheme is used as the secondary authentication scheme in case no TACACS server is
available. That is, if the communication between the switch and a TACACS server is normal, no
local authentication will be performed; otherwise, local authentication will be performed.
z
If you execute the
authentication local
command, the local scheme is used as the primary
scheme. In this case, there is no secondary authentication scheme.
z
If you execute the
authentication none
command, no authentication will be performed.
z
The
authentication
command takes precedence over the
scheme
command. If the
authentication
command is configured in an ISP domain view, the system uses the authentication
scheme referenced in the command to authenticate the users in the domain; otherwise it uses the
scheme referenced in the
scheme
command to authenticate the users.
Related commands:
scheme
,
radius scheme
,
hwtacacs scheme
.
Summary of Contents for 5500-EI Series
Page 43: ...2 6 ...
Page 76: ...1 17 ...
Page 228: ...ii stp transmit limit 1 44 vlan mapping modulo 1 45 vlan vpn tunnel 1 46 ...
Page 477: ...5 24 Sysname vlan 2 Sysname vlan2 service type multicast ...
Page 503: ...2 3 System View return to User View with Ctrl Z Sysname dot1x url http 192 168 19 23 ...
Page 519: ...iii ...
Page 597: ...2 2 security policy server 192 168 0 1 user name format without domain ...
Page 648: ...1 9 Examples Clear static ARP entries Sysname reset arp static ...
Page 663: ...4 3 Sysname resilient arp interface vlan interface 2 ...
Page 767: ...1 28 From 12 00 Jan 1 2008 to 12 00 Jun 1 2008 ...
Page 1111: ...ii xmodem get 3 18 ...
Page 1314: ...A 44 Z ...