Security Measures
142
Instruction Manual - NXA-ENET8-POE+
Configuring AAA Authorization
Use the Security > AAA > Authorization page to enable authorization of requested services, and also to display the configured
authorization methods, and the methods applied to specific interfaces.
Command Usage
This feature performs authorization to determine if a user is allowed to run an Exec shell.
AAA authentication through a RADIUS or server must be enabled before authorization is enabled.
The following table lists the options on this page:
Perform these steps to configure the authorization method applied to the Exec service type and the assigned server group:
1.
Click
Security
>
AAA
>
Authorization
.
2.
Select
Configure Method
from the Step list.
3.
Specify the name of the authorization method and server group name.
4.
Click
Apply
.
Security - AAA (Authorization) Options
Configure Method
Authorization Type
Specifies the service as:
• Command - Administrative authorization to apply to commands entered at specific CLI privilege
levels.
• Exec - Administrative authorization for local console, Telnet, or SSH connections.
Method Name
Specifies an authorization method for service requests. The default method is used for a requested
service if no other methods have been defined. (Range: 1-64 characters)
Server Group Name
Specifies the authorization server group. (Range: 1-64 characters)
The group name
specifies all configured hosts (see the
section on page 135.) Any other group name refers to a server
group configured on the Group Settings page. Authorization is only supported for
servers.
Configure Service
Authorization Type
Specifies the service as Exec, indicating administrative authorization for local console, Telnet, or
SSH connections.
Console Method Name
Specifies a user defined method name to apply to console connections.
VTY Method Name
Specifies a user defined method name to apply to Telnet and SSH connections.
Show Information
Authorization Type
Displays the authorization service.
Method Name
Displays the user-defined or default accounting method.
Server Group Name
Displays the authorization server group.
Interface
Displays the console or Telnet interface to which these rules apply. (This field is null if the
authorization method and associated server group has not been assigned to an interface.)
FIG. 167
Configuring AAA Authorization Methods