DXS-3600 Series 10GbE Layer 2/3 Switch CLI Reference Guide
49
6-3 aaa authentication enable
This command is used to enable AAA enable authentication and configure the enable authentication method list. The
no form of this command is used to delete the user authentication method list.
aaa authentication enable default
method1
[
method2
...
]
no aaa authentication enable default
Parameters
Usage Guideline
If the AAA login authentication security service is enabled on the device, users must
use AAA for login authentication negotiation. You must use aaa authentication login
to configure a default or optional method list for login authentication.
The next method can be used for authentication only when the current method does
not work.
You need to apply the configured login authentication method to the terminal line
which needs login authentication. Otherwise, the configured login authentication
method is invalid.
Example
This example shows how to define an AAA login authentication method list, named
‘list-1’. In the authentication method list, the RADIUS security server is used first for
authentication. If the RADIUS security server does not respond, the local user
database is used for authentication. After the login authentication method list has
been created, you can use the Login Authentication Line Configuration command to
apply this method list to the console, SSH, or other terminals.
DXS-3600-32S#configure terminal
DXS-3600-32S(config)#aaa authentication login list-1 group radius local
DXS-3600-32S(config)#
default
When this parameter is used, the following defined authentication method list is used
as the default method for enable authentication.
method
Syntax "
{enable | none | group {radius | |
group_name
}}
".
Up to four methods supported:
enable
- Uses the enable password for authentication.
none
- By pass authentication.
group
- Can be followed by radius or tacas+ or a group_name
"
group radius
" means use all RADIUS servers group
"
group tacacs
+" means use all server group.
"
group
group_name
" is the specific group created via the ‘
aaa group server
global
’ configuration command.
Default
None. On the console, the enable password is used if it exists. If no password is set,
the process will succeed anyway.
Command Mode
Global Configuration Mode.
Command Default Level
Level: 15
Usage Guideline
If the AAA enable authentication service is enabled on the device, users must use
AAA for enable authentication negotiation. You must use aaa authentication enable
to configure a default or optional method list for enable authentication. The next
method can be used for authentication only when the current method does not work.
The enable authentication function automatically takes effect after configuring the
enable authentication method list.
Summary of Contents for DXS-3600-16S
Page 1: ...CLI Reference Guide Product Model DXS 3600 Series Layer 2 3 Managed 10GbE Switch Release 1 10 ...
Page 232: ...DXS 3600 Series 10GbE Layer 2 3 Switch CLI Reference Guide 224 ...
Page 301: ...DXS 3600 Series 10GbE Layer 2 3 Switch CLI Reference Guide 293 ...
Page 349: ...DXS 3600 Series 10GbE Layer 2 3 Switch CLI Reference Guide 341 ...
Page 494: ...DXS 3600 Series 10GbE Layer 2 3 Switch CLI Reference Guide 486 ...
Page 564: ...DXS 3600 Series 10GbE Layer 2 3 Switch CLI Reference Guide 556 ...
Page 649: ...DXS 3600 Series 10GbE Layer 2 3 Switch CLI Reference Guide 641 ...